February 25, 2009

Microsoft fixes problem in disabling AutoRun

Microsoft has fixed a problem that prevents users from selectively disabling AutoRun features in an effort to stop the Conficker worm from spreading.

The fix, delivered Tuesday, corrects an issue that prevents the NoDriveTypeAutoRun registry key from functioning as expected when users try to disable AutoRun, according to the advisory.

AutoRun is a Windows feature that allows files or programs to immediately run as soon as a removable media device, such as a USB stick or CD-ROM, is connected to a computer.

The update from Microsoft comes after US-CERT last month issued a warning that Windows does not properly disable AutoRun, which could allow malicious code to spread. One of the vectors by which the infectious Conficker, or Downadup, worm propagates is through removable storage devices.

Microsoft said it recommends all customers to install the update, which affects all supported Windows versions.
Related Articles
Related Topics
close

Next Article in News

More in News

Twitter begins rollout of two-factor authentication to limit account takeovers

Twitter begins rollout of two-factor authentication to limit ...

Following a series of high-profile Twitter account hijacks, the microblogging service finally has delivered two-factor authentication.

Commission offers suggestions for stemming online spy threat from China

Commission offers suggestions for stemming online spy threat ...

The 100-page report mostly addresses alleged Chinese cyber espionage operations, and suggests it's time for U.S. government agencies and corporations to consider more proactive approaches, possibly including hack-backs.

Researchers link "Sunshop" group to recent espionage attacks

The IE exploit was most recently used in watering hole attacks directed at the U.S. Department of Labor website.