Microsoft declares a victory against autorun malware

Google logoMicrosoft appears to be winning a major battle against autorun malware.

A blog post this week by Microsoft's Malware Protection Center said the company discovered 1.3 million fewer infections on Windows Vista and XP caused by autorun malware from mid-February to mid-May, compared with the three months prior.

A persistent security threat for the past several years, autorun malware typically spreads through flash drives, memory cards, and other external devices courtesy of Microsoft's autorun feature, which automatically executes a command when the device is plugged in.

Autorun has been a trigger for some of the "top families" of malware, including Conficker, Rimecud, and Taterf, according to Microsoft.

In February, Microsoft started pushing out updates for Windows XP and Vista to lock down the autorun feature. The company had already rolled out a similar update for the release candidate of Windows 7 early in 2009.

Following the updates to XP and Vista, Microsoft said it started seeing a drop in the number of autorun-based infections. In May, there were 59 percent fewer infections on XP and 74 percent fewer on Vista, compared with May 2010. Infections in versions of Windows with the latest service packs, such as Windows XP SP3 and Windows Vista SP1 and SP2, showed even greater declines.

The year-over-year rates for Windows 7 stayed about the same because it already had autorun lockdown in place. They also remained similar for Windows XP SP2, which didn't get the update because Microsoft no longer supports it.

Overall, the company said, the number of infections found across all operating systems by Microsoft in May had dropped by 68 percent compared with the 2010 numbers.

Of course, the larger war against malware continues to rage, but the battle against autorun infections seems to have scored a victory, according to Microsoft.

"Abusing Autorun was only one trick up their [the malware writers'] collective sleeve," Microsoft said in its blog. "However, judging by the numbers in our data, it was a lucrative one."

Though Microsoft may be proud of its achievement, one third-party antivirus vendor seems less than impressed with the company's actions.

"This isn't a victory, it is a very late response to a well known problem that had a very predictable result," said Randy Abrams, director of technical education, for ESET North America, in a statement e-mailed to CNET.

Abrams, who said he blogged about the problems of autorun back in 2007, "applauded" Microsoft for doing the right thing. But he feels the company should apologize for taking so long to fix this problem in the first place.

"It is obvious that the moment the autorun patches were available for XP and Vista they should have been critical updates," Abrams told CNET. "Not one other extremely critical vulnerability in any operating system had been left unaddressed for so long after its potential for abuse was widely known and exploited."

Another third-party vendor disputed the dramatic drop in autorun malware that Microsoft touted.

Looking at some of the top autorun families, including Palevo, Autorun, Kido, and Magania, antivirus company Kapersky found only a 15 percent average drop in them from January to May of this year.

"We are not sure what detections, counts, regions, or systems may be left out of Microsoft's numbers, but we are not seeing the same abrupt drop in similar autorun malware detections that Microsoft is seeing," Kapersky's statistics infrastructure project manager, Sergey Mineev, and senior malware researcher, Kurt Baumgartner, told CNET. "While Microsoft's statistics are different from what it has reported in the past, our findings are consistent with what we've seen historically."

Source: CNET

Tags: Google, Google+

Add comment

Your name:
Sign in with:
Your comment:

Enter code:

E-mail (not required)
E-mail will not be disclosed to the third party

Last news

Galaxy Note10 really is built around a 6.7-inch display
You may still be able to download your content
Facebook, Messenger and Instagram are all going away
Minimize apps to a floating, always-on-top bubble
Japan Display has been providing LCDs for the iPhone XR, the only LCD model in Apple’s 2018 line-up
The 2001 operating system has reached its lowest share level
The entire TSMC 5nm design infrastructure is available now from TSMC
The smartphone uses a Snapdragon 660 processor running Android 9 Pie
The Samsung Galaxy A5 (2017) Review
The evolution of the successful smartphone, now with a waterproof body and USB Type-C
February 7, 2017 / 2
Samsung Galaxy TabPro S - a tablet with the Windows-keyboard
The first Windows-tablet with the 12-inch display Super AMOLED
June 7, 2016 /
Keyboards for iOS
Ten iOS keyboards review
July 18, 2015 /
Samsung E1200 Mobile Phone Review
A cheap phone with a good screen
March 8, 2015 / 4
Creative Sound Blaster Z sound card review
Good sound for those who are not satisfied with the onboard solution
September 25, 2014 / 2
Samsung Galaxy Gear: Smartwatch at High Price
The first smartwatch from Samsung - almost a smartphone with a small body
December 19, 2013 /

News Archive



Do you use microSD card with your phone?
or leave your own version in comments (15)