US-CERT: Microsoft's advice on Downadup is flawed
Microsoft's advice on disabling Windows' "Autorun" feature is flawed, the U.S. Computer Emergency Readiness Team (US-CERT) said Wednesday, and leaves users who rely on its guidelines to protect their PCs against the fast-spreading Downadup worm open to attack.
In an alert issued Monday , US-CERT said Microsoft's instructions on turning off Autorun are "not fully effective" and "could be considered a vulnerability."
The flaw in Microsoft's guidelines are important at the moment, because the "Downadup" worm, which has compromised more computers than any other attack in years, can spread through USB devices, such as flash drives and cameras, by taking advantage of Windows' "Autorun" and "Autoplay" features.
Autorun, the focus of the US-CERT warning, lets Windows automatically run any program specified in the "autorun.inf" on, for example, a CD or a flash drive, as soon as the disc or device is inserted or connected. By default, Windows has Autorun enabled.
The problem is that Downadup, which as of last week had infected nearly 9 million PCs worldwide, tries to spread using USB-based devices, typically flash drives. The worm creates an autorun.inf file at the root directory of any USB-based device it finds connected to the infected machine, then when that device is later connected to an uninfected computer, the autorun.inf file copies the worm to the machine without any action on the part of the user, or the user even knowing.
Sign up for ITworld's Daily newsletter
Follow ITworld on Twitter @IT_world
On Twitter now
security
Powered by Twitter
Esther Schindler
If the comments are ugly, the code is ugly
claird
SVG a graphics format for 21st century
pasmith
Take Chrome OS for a test spin
Sandra Henry-Stocker
Solaris Tip: Have Your Files Changed Since Installation?
jfruh
Android fragments vs. the iPhone monolith
mikelgan
What Gizmodo missed about the Pro WX Wireless USB disk drive
Where Google Chrome security fails: the password
I heard mention that the Chrome OS will have some sort of encryption available a la bitlocker. If it's possible to encrypt personal data using another password or key, then it may have potential for very secure data.... And Ubuntu has an 'encrypt home directory' option, perhaps google should follow suit.
- Dann
Join the conversation here
Quick, practical advice for IT pros. Made fresh daily.
Want to cash in on your IT savvy? Send your tip to tips@itworld.com. If we post it, we'll send you a $25 Amazon e-gift card.
Beat Downadup/Conficker like a pro
Did Downadup/conficker attack your network? I've created a batch file for system administrators to clean/patch/cure infected systems in their networks.check it out here:
http://extremesecurity.blogspot.com/2009/01/beat-downadupconficker-like-pro-my.html
バッテリー
大阪でバッテリー販売。 セルモーターリビルト。 オルタネーターリビルト。リビルト在庫多数。大阪で電装品販売。リンク品在庫多数。大阪でウイング車モーター修理・販売・在庫多数。大阪でパワーゲート車モーター修理・販売・在庫多数。