Windows 7

Microsoft in tune with malware violations has taken the step to stop hackers from using Autorun as a way to access the operating system.

What is Autorun? It is a utility, contains knowledge of auto-starting locations of any startup monitor. This program shows you what programs are configured to run during system bootup or login, and it also shows you in what the order  that Windows processes the entries. Here is a short list of what programs are included in Autorun, these are Run, RunOnce, and other Registry keys. In addition to that, you can configure Autorun to show other locations, such as Explorer shell extensions, toolbars, browser helper objects, Winlogon notifications, and auto-start services, among others. The design of Autorun does a lot more than the MSConfig utility ever did, which was bundled with Windows Me and XP.

However, Autorun has been the basis of malware attacks, and this has concerned Microsoft. With hundreds of thousands users still running Windows XP, despite the security problems by doing so, Microsoft has decided to disable the AutoRun feature on Windows XP. If you look at the graph, Windows XP has a larger share of the attacks compared to Windows 7.

According to Microsoft, “A similarity all of these worms share is a common propagation method. They all abuse the autoplay feature of Autorun, many by creating or manipulating Autorun.inf files on network drives and removable media, so that when a user connects, the malware is automatically executed on their system. On average in 2010, about 9% of Windows 7 Security Essentials users reported seeing one of these families at least once per month in comparison to 13% of Windows XP users. In other words, a Windows XP user was 43% more likely to report one of these Autorun detections in any given month in comparison to a Windows 7 user.”

So the problem with Autorun is that it is inviting hackers to enter the system, and hackers know it. This is like leaving the front door unlocked, and only a few people know about it. But as people notice that you can enter through the front door, more people actually start doing so.

Hackers are a community. They may not know each other, but they know when a hack attack works, and then they study how it was done. Before long the community knows how to use the same procedures to make their own hack attacks. This is what Microsoft is trying to curb now.

Source: http://blogs.technet.com/b/mmpc/archive/2011/02/08/breaking-up-the-romance-between-malware-and-autorun.aspx

Related posts:

1. Microsoft Releases USB-Autorun Fix
2. Shocker: Windows 7 is More Secure Than Snow Leopard
3. Another IE Flaw Afflicts XP Users
4. Microsoft Issues Emergency Patch For Zero Day Flaw
5. Microsoft Warning Users Of Zero-Day Windows Exploit