News

Windows XP, Vista AutoRun update reduces malware infections by 82%

February 'backport' of Windows 7 feature worked like a charm, says Microsoft

June 14, 2011 02:39 PM ET

Computerworld - Microsoft today credited a February security update for lowering AutoRun-abusing malware infection rates on Windows XP and Vista by as much as 82% since the start of the year.

Four months ago, Microsoft offered XP and Vista users an optional update -- which was later changed to automatically download and install -- that disabled AutoRun.

Microsoft changed AutoRun's behavior in Windows 7 to block automatic execution of files on a USB drive. It first backported the modifications to Windows XP and Vista in 2009. Until February, however, users had to manually seek out the update.

With the update in place, flash drives inserted into a PC running XP or Vista no longer offer the option to run programs. AutoRun's extinction does not affect CDs or DVDs, however.

The move has paid off in spades, said Microsoft today.

"The infection rates for Windows XP and Vista went down...pretty significantly, in fact," said Holly Stewart, a senior program manager with the Microsoft Malware Protection Center (MMPC), in a blog post Tuesday.

According to statistics compiled by the MMPC from data delivered by the Malicious Software Removal Tool (MSRT), a free utility that detects and deletes some attack code, infection rates of malware that spreads through AutoRun plummeted after the February update reached XP and Vista.

Since January 2011, the month before the AutoRun update shipped, infection rates of XP Service Pack 3 (SP3) -- the sole version still supported by Microsoft -- have dropped by 62%. Vista SP1's infection rate has fallen by 68% while Vista SP2's has plunged by 82% in the same period.

Microsoft will abandon support of Vista SP1 next month.

"That's a huge reduction," said Andrew Storms, director of security operations at nCircle Security. "Imagine if AutoRun was never invented."

Storms was talking about the fact that the Windows feature was abused by some of the highest-profile worms in the last two years, including Conficker and Stuxnet.

Microsoft credits a February update for XP and Vista for dramatically dropping infection rates of AutoRun-abusing malware. (Graphic: Microsoft)

Comments ()

What is Tech Briefcase?

TechBriefcase is a new, free service where IT Professionals can Search, Store and Share IT white papers and content like this. Learn more

Bookmark content

Speed up your research efforts with content across the web.

Search and Store

Find the white papers you need. Create folders for any topic.

View Anywhere

Open your briefcase on your iPhone, tablet or desktop. Share with colleagues.

Don't have an account yet?

Additional Resources

WHITE PAPER

Enter the Security KnowledgeVault

Security is not an option. This KnowledgeVault Series offers professional advice how to be proactive in the fight against cybercrimes and multi-layered security threats; how to adopt a holistic approach to protecting and managing data; and how to hire a qualified security assessor. Make security your Number 1 priority.

Read now.

WHITE PAPER

Cut Communications Costs Once and for All

New IP-based communications systems are being deployed by small and midsized businesses at a rapid rate. Learn how these organizations are enabling faster responsiveness, creating better customer experiences, speeding office or mobile interactions, and dramatically reducing existing communications costs.

Read now.

Top Stories

Free Insider Guide

Excel 2010 Cheat Sheet: Register for this Computerworld Insider Cheat Sheet and gain access to hundreds of premium content articles, guides, product reviews and more.

Security White Papers

Driving Secure Enterprise File Sharing and Syncing in the Enterprise: GroupLogic's new activEcho is the industry's only secure Enterprise File Sharing and Synching solution that balances the need for simplicity for the end...
The Enterprise File Sharing Option: Enterprises and IT departments need to address several critical security issues when considering file sharing and syncing products. Many of today's solutions do...
Security Strategies to Virtualizing Internet-Facing Applications: The IT organization at Intel has set a goal to transition their enterprise to a private cloud for their Office and Enterprise applications....
Cloud Security Planning Guide: Cloud security considerations span protecting hardware and platform technologies in the data center to enabling regulatory compliance and defending cloud access through different...
Cloud Security Vendor Round Table: This vendor round table guide will help you to evaluate different cloud technology vendors and service providers based on a series of questions...

Security Webcasts

Live Webcast Data Privacy and Protection in Production Environments: New Research from Ponemon Institute: Date: Wednesday, June 13, 2012, 1:00 PM EDT / 10:00 AM PDT

In a recent study conducted by Ponemon Institute, fifty-five percent of respondents...
Data Privacy and Protection in Production Environments: New Research from Ponemon Institute: Date: Wednesday, June 13, 2012, 1:00 PM EDT / 10:00 AM PDT

In a recent study conducted by Ponemon Institute, fifty-five percent of respondents...
Security Certifications 101 - BlackBerry and all those acronyms what do they mean and why they matter?: FIPS, Common Criteria, CAPS, AISEP, NFC, NIST, Fraunhofer SIT, CESG, DSD - these are just some of the government and industry certifications which...
BlackBerry PlayBook OS 2.0 Security Overview: The presentation provides an overview of BlackBerry PlayBook OS 2.0 security capabilities and features, including: BlackBerry® Balance™ technology, BlackBerry® Bridge, data-at-rest protection, and...
BlackBerry NFC Security Overview: The presentation on NFC security will provide an overview of the security protections built into the BlackBerry platform to protect users, application developers...
Playing Defense: Staying on Top of Your Disaster Recovery Game: When it comes to disaster recovery, rapidly growing data volumes, distributed computing models, and new technologies all combine to present an ever-changing playing...