Access member only content, take part in discussions with comments on blogs, news and reviews and receive all the latest security industry news directly to your inbox. Join now for free.
A confirmation email has been sent to your email address - SUPPLIED EMAIL HERE. Please click on the link in the email to verify your email address. You need to verify your email before you can start posting.
If you do not receive your confirmation email within the next few minutes, it may be because the email has been captured by a junk mail filter. Please ensure you add the domain @scmagazine.com.au to your white-listed senders.
Microsoft has finally decided to push out a Windows update that should stop attempts to exploit AutoRun with a USB stick.
AutoRun is a feature of the Windows operating system that fires up any program once a USB or CD/DVD is inserted into a computer.
In recent years hackers have increasingly turned to AutoRun, which permits programmers to deliver instructions via Autorun.inf files to run programs without first gaining user permission.
The problem for Microsoft was that while the obvious solution was to disable AutoRun, it was considered a legitimate feature, which happened to be exploited by the Conficker worm, Rimecud and Taterf.
"AutoRun isn't an accident -- it's by design, and as I mentioned we care about the very real positive uses of the feature. In other words, in a very real sense, it's not a bug, it's a feature," said Adam Shostack, a Microsoft security program manager.
So Microsoft wasn't calling its Windows Update a "security update" but rather an "Important, non-security update" which effectively disabled AutoRun.
The feature remained in Windows 7 but Microsoft claimed to have largely addressed AutoRun abuse. One of its reasons for issuing the "non-security update" was that it found that Windows XP users were 10 times more likely to get infected when faced with such an attack.
First introduced in Windows 95, the feature has caused security professionals frustration. In 2008, infected digital picture frames exploited the feature and while it was possible to disable AutoRun, doing so was not an easy task.
At last year's AusCERT security conference IBM accidentally issued delegates a thumb drive which exploited AutoRun.
To begin commenting right away, you can log in below or register an account if you don't yet have one. Please read our guidelines on commenting. Offending posts will be removed and your access may be suspended. Abusive or obscene language will not be tolerated. The comments below do not necessarily reflect the views or opinions of SC Magazine, Haymarket Media or its employees.