Ramblings of an old Doc

 

 

Gregg Keizer at Computerworld reported today that Microsoft started offering Windows XP and Vista users an optional update that disables AutoRun, yesterday. AutoRun is a feature of the operating system that the notorious Conficker and Stuxnet worms used to infect millions of PCs (but not Windows 7 OS).

The move, said Microsoft, was a response to malware's continued reliance on infection tactics that abuse AutoRun and AutoPlay, a pair of technologies that automatically launch executable files on removable media, especially USB flash drives.

Last August, Panda Software said that 25% of all worms were designed to propagate through the handy USB drives.

Windows 7 users don’t have to worry because MS changed AutoRun to block automatic execution of files on a USB drive, and backported that functionality to Windows XP and Vista with an update in August 2009. Users of XP and Vista, however, had to seek out and manually download that update from Microsoft's site.

Yesterday's move of offering it as an optional update makes it easier for XP and Vista users to retrieve and install the AutoRun deactivation update.

MS hopes that the update will better protect Windows machines, particularly those running XP, which have been harder hit by malware that uses AutoRun as one of several spreading strategies.

According to data gleaned from Microsoft's antivirus software, XP systems are more than 10 times more likely to become infected by malware that uses AutoRun than PCs running Windows 7.

The AutoRun change can be installed by selecting the "KB971029" update from the "Software, Optional" section of Windows Update in XP. The same update is listed in Vista's Windows Update panel under "Important" -- the same section devoted to Tuesday's patches -- but the KB971029 entry's box must be checked to add it to the download and install list.”

http://support.microsoft.com/kb/971029


Comments
on Feb 09, 2011

Those updates from MS took about fifteen minutes to install. Got them this morning. One reboot and done.

on Feb 10, 2011

I never thought about it since either Local Policies or Group policies do the the same thing.  And it is one of the first changes I make to almost any computer.

on Feb 13, 2011

So, if i install the new xp update to disable autorun, how will this affect things i want to do on my pc?

on Feb 13, 2011

It should only disable autorun because it is vulnerable to outside influence. It should not adversely affect anything else.

on Feb 13, 2011

^ That is correct, ElanaAhova.

on Feb 13, 2011

It does not disable autorun on CD/DVD/BlueRay drives though, those still work. 

on Feb 13, 2011

That's exactly right, Tom.