Windows XP, Vista AutoRun update reduces malware infections by 82%
February 'backport' of Windows 7 feature worked like a charm, says Microsoft
Computerworld - Microsoft today credited a February security update for lowering AutoRun-abusing malware infection rates on Windows XP and Vista by as much as 82% since the start of the year.
Four months ago, Microsoft offered XP and Vista users an optional update -- which was later changed to automatically download and install -- that disabled AutoRun.
Microsoft changed AutoRun's behavior in Windows 7 to block automatic execution of files on a USB drive. It first backported the modifications to Windows XP and Vista in 2009. Until February, however, users had to manually seek out the update.
With the update in place, flash drives inserted into a PC running XP or Vista no longer offer the option to run programs. AutoRun's extinction does not affect CDs or DVDs, however.
The move has paid off in spades, said Microsoft today.
"The infection rates for Windows XP and Vista went down...pretty significantly, in fact," said Holly Stewart, a senior program manager with the Microsoft Malware Protection Center (MMPC), in a blog post Tuesday.
According to statistics compiled by the MMPC from data delivered by the Malicious Software Removal Tool (MSRT), a free utility that detects and deletes some attack code, infection rates of malware that spreads through AutoRun plummeted after the February update reached XP and Vista.
Since January 2011, the month before the AutoRun update shipped, infection rates of XP Service Pack 3 (SP3) -- the sole version still supported by Microsoft -- have dropped by 62%. Vista SP1's infection rate has fallen by 68% while Vista SP2's has plunged by 82% in the same period.
Microsoft will abandon support of Vista SP1 next month.
"That's a huge reduction," said Andrew Storms, director of security operations at nCircle Security. "Imagine if AutoRun was never invented."
Storms was talking about the fact that the Windows feature was abused by some of the highest-profile worms in the last two years, including Conficker and Stuxnet.
- Radicati: Cloud Business Email - Market Quadrant 2013 Google was named the top cloud business email provider in a recent report by research firm Radicati. Out of 14 key players, Google...
- Tablets in the Enterprise: A Checklist for Successful Deployment How can you enterprise manage and secure tablets in order to protect corporate data while providing access to the information and applications employees...
- Enterprise Mobility: A Checklist for Secure Containerization The advantages and disadvantages of the multiple approaches to containerization. Learn More>>
- Enterprise File Sync & Share Checklist File sync and share has changed the way people work and collaborate in today's tech-savvy world. Gone are the email roadblocks, clunky FTP...
- Live Webcast LIVE EVENT: 5/7, The End of Data Protection As We Know It. Introducing a Next Generation Data Protection Architecture. Traditional backup is going away, but where does this leave end-users?
- LIVE EVENT: 5/7, The End of Data Protection As We Know It. Introducing a Next Generation Data Protection Architecture. Traditional backup is going away, but where does this leave end-users?
- On-demand webinar: "Mobility Mayhem: Balancing BYOD with Enterprise Security" Check out this on-demand webinar to hear Sophos senior security expert John Shier deep dive into how BYOD impacts your enterprise security strategy... All Security White Papers | Webcasts