RSS

USB Autorun malware on the wane

15 Jun

Here’s some good news in the ongoing fight against Windows-based malware – it appears that there has been a significant drop in the number of computers being infected by malware which exploits the Windows Autorun feature.

Autorun is the technology which makes a program start automatically when you insert a CD or USB stick into your Windows PC. You may have spotted the tell-tale Autorun.inf files in the root directory of your USB sticks and on CDs in the past.

Autorun may sound like it’s great for functionality, but a large amount of malware (the most notorious example would probably be the Confickerworm) has exploited the technology to infect computers via USB sticks in the past.

Earlier this year, Microsoft rolled out an update, effectively preventing Autorun malware from automatically infecting PCs without the user’s permission.

And the good news is that it appears to have worked.

Microsoft chart of Autorun infections

According to research done by Microsoft, by May 2011 the number of infections found on scanned computers had reduced by 59% on XP and by 74% on Vista in comparison to the 2010.

Of course, disabling Autorun doesn’t mean the 100% eradication of all Autorun malware – as some examples use a variety of alternative techniques to spread beyond using the Autorun functionality.

Well done to Microsoft for removing most of the weeds from that particular corner of the malware garden.

by Graham Cluley on June 15, 2011

Advertisements
 
Leave a comment

Posted by on June 15, 2011 in Computer Security

 

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

 
%d bloggers like this: