Malware abusing Windows Autorun plummets Microsoft saw a sharp drop in malware infections that exploit a widely abused Windows Autorun feature almost immediately after it was automatically disabled in earlier versions of the operating system. As measured by Microsoft's various antimalware programs, Windows XP and Vista suffered 1.3 million fewer infections in the …
I've been disabling Autorun on PCs since it was introduced in 1995
And the network related SSDP / uPNP which automatically discovers a network gadget and lets it automatically install. I've never encountered any network device that absolutely needs those.
Also WHY automatically bind MS client to EVERY network connection. Some logic in automatically doing it for cabled ethernet and LAN WiFi, but even then it should ask. Stupid binding on an ethernet port only connecting to a cable modem with no router/firewall or on a 3G /EDGE adaptor.
Ever have someone walk up and ask to use your PC for just a second so they can print a document they have on their handy little USB drive? Guess what until its plugged in and actually scanned you don't know if it has Malware on it or not.
I've hated Autorun for years.. I have a habit of putting in a CD or DVD or a Flash drive in my PC and not needing it now but I know I will be using it later. Only to get that stupid nag screen asking me what I want to do.. You know what... I don't want you to do a damn thing until I select what I want to do with the device by Right-Clicking it!
If something from outside is going to connect to something inside (hence the port forwarding) I damn well want to know about it. There are NO exceptions to this rule.
As for exiting my internal network, the rules are far more relaxed but still limited by the destination port and the device trying to get out (a printer has no business talking to the outside world).
This is basic Admin stuff, there is nothing super about it.
[dma@foo ~]$ echo "There was a lot of work in the industry to get people moved over to new technology built into Windows, and we felt that we had finally got to that point where the industry was in agreement with us that it was time to push it out to everybody" | wc -w
49
49 words to express "we couldn't be arsed"
The SoDOMM communities have recently been alight with news of @LulzSec and @Anony_Ops breaches.
However, in reality there are more exploits and breaches to user data via @microsoft then via @any_organisation_on_earth
@timeguide wrote an article recently on "Why do we let stupid people make important decisions? " http://bit.ly/jFSX9m however we still deploy MS desktops ... :)
@microsoft is responsible for more user data breaches than any other organisation on Earth, I think. No data to validate that but....
So ... indeed why? And that is applicable to a number of questions... but back to @cloudpassage why guys must do article on them some time if you have not already.
"Windows will dutifully execute code embedded into CDs and DVDs that are inserted into computers. To date, malware criminals have shown little interest in exploiting the weakness"
Isn't this how Sony's rootkit found its way onto numerous computers? Oh, yeah, I forgot, they're a big corporation, definitely not criminals. No sir.
Merely the fact that the URL is hidden behind the text is bad enough, "click here to log into your online banking account" is tempting to the ignorant and obviously works because the scammers keep trying it.
Outlook improved somewhat when the feature to automatically convert all incoming email to plain text was added.
"The data raises the obvious question: If automatically retiring Autorun reaped such clear benefits, why didn't Microsoft do it years ago?"
Because there was NO ADVANTAGE TO MICROSOFT for doing it.
It seems that now there is, what with its previously-unassailable OS dominance under threat from various groups that no longer accept the prevalence of zero-day attacks.
contemplate "cloud" and "tablet" and you'll have a start.
It's not so much that WIndows might be displaced on PCs, although some of that will happen. It's more that Windows PCs are no longer at the center of users' experiences.
When the lock on the "clients" goes away, as it is now doing, then Microsoft's lock on the server-client interaction is worth much less than it previously was. You can't automatically sell Windows Server 20xx because it's the only thing that integrates "fully" with Windows "n" (n being some number such as 7, 8 etc).
Those heady days are gone. Steve Ballmer just hasn't realized it yet.
Because auto-run was used by automatic backup devices, that automatically did a backup of your computer when you plugged them into your computer.
And other similar applications that used auto-run as it was designed to be used.
And disabling autorun breaks that functionality. That technology has gradually been replaced over the last couple of years.
But why spoil a good rant when reality is too ordinary?
Tell your machine that when it sees this UUID device (For which you can sub a readable name) that is should run a certain program with parameters.
Preferably a program held on the PC, not the device, but it doesn't really matter if you trust your devices.
Such a system can't be that hard (udev?) for a behemoth like Micro$oft to wrap a pretty gui round for your granny to use. Backup drive manufacturers could even interface with it..
They almost entirely disappeared when Microsoft changed Office's behaviour. Viruses that depended on AutoExec and AutoOpen no longer replicated.
The pattern? Viruses die out when the environment that supports them changes.
I wonder how long it will take MS to really take that on board?
MS have been selling the pipe-dream that software is ready for installation and use by anyone who feels like doing so -- the truth is it is not and will not be for a few years yet.
MS, and Apple to a lesser extent, have been pretending that software is now usable and installable by people who have no knowledge or experience at all -- and the huge numbers of badly-configured computers and the large botnets are a result of that.
They should've disabled that fecking 'feature' years and years ago.
It's good they finally have, but that doesn't suddenly stop everyone I know's PC from doing that Johnny 5 "input! input! input!" impression when you connect a new storage device to the machine, bringing up a "ooh, what files have you got?" scanning window (or two) and then "click me now!" windows you never wanted in the first place.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
