What Windows Autorun Has Wrought
A new report by Microsoft shows that the two most prevalent threats to Windows PCs in the first half of 2009 were malicious programs that have been aided mightily in their spread by a decision by Microsoft to allow the contents of removable media -- such as USB thumb drives -- to load automatically when inserted into Windows machines.
In its latest "Security Intelligence Report," Microsoft counted the number of threats detected by its anti-malware desktop products, and found that the Conficker worm, along with a Trojan horse program called Taterf which steals passwords and license keys for popular computer games, were detected on 5.21 million and 4.91 million Windows computers, respectively.
In April, after the third version of Conficker became front-page news and even fodder for feature story on 60 Minutes, Microsoft announced that its AutoPlay function would no longer support AutoRun for USB drives. Autorun is disabled for USB drives in Windows 7 (the new OS still automatically plays any inserted CDs and DVDs). In late August, Microsoft released a patch that similarly disables Autorun on Windows XP, Vista, Windows Server 2003 and Server 2008 systems.
However, this patch does not appear to have been pushed out through Microsoft's Automatic Updates or Windows Update, so if you'd like to install it, you'll need to visit this link and download the appropriate version for your operating system. Users who install this update will no longer receive a setup message that prompts them to install programs that are delivered by USB thumb drives. Wilders Security Forum has a nice writeup on this patch, and offers some harmless sample code to test whether your Windows box has this feature enabled.
http://voices.washingtonpost.com/securityfix/2009/11/what_windows_autorun_hath_wrou.html