Old Malware Problem Resurfaces

Sue Marquette Poremba

Eighteen months ago, Microsoft proclaimed a victory over autorun malware – a problem that had plagued Windows for years. As eWEEK described it back in June 2011:

Microsoft rolled out an update in February to modify the autorun functionality in Windows XP and Vista so that malware can't infect computers without user permission. By May 2011, the number of infections found on scanned computers had dropped by 59 percent on XP systems and 74 percent on Vista, compared to 2010.

However, the article went on to say that the malware wasn’t eradicated completely, so users beware. And sure enough, last week, the Autorun malware was making headlines again, but with a slightly different twist, as PC World pointed out:

The significant increase in infection is curious because Windows 7 and Windows 8 PCs will not launch autorun.inf files, and Microsoft has released two patches for older systems. Therefore, security experts believe infections are happening through a combination of unpatched computers, shared folders and files, and social media.


The malware is spreading through older means – an infected USB drive plugged into an unpatched computer, for example – but the spread through social media and shared folders shows that those creating the malware understand that we aren’t sharing media the way we did even a year ago. The cloud and social media and other technologies have reduced the need to share CDs or DVDs or USB drives, and the bad guys have obviously picked up on that. Hence, the new rise of an old malware problem.

According to TechWorld:

The latest malware disguises itself as files and folders in writeable network shares and removable devices, while hiding the originals. The application will also create .exe files named "porn" and "sexy" and a folder called "passwords," to entice people to click on them. The malware adds a registry key, so it can start when a PC is booted up. Variants of the application will disable Windows Update to prevent the victim from downloading patches to disable the malware.

To prevent the malware from hitting your computer, security experts recommend disabling Autorun on all Windows operating systems. The new outbreak of the Autorun malware is also a good reminder of why you should always make sure you download new patches as soon as they come out. (No word yet if this will be addressed in the December Patch Tuesday.)



Add Comment      Leave a comment on this blog post

Post a comment

 

 

 

 


(Maximum characters: 1200). You have 1200 characters left.

 

 

Subscribe to our Newsletters

Sign up now and get the best business technology insights direct to your inbox.


 
Resource centers

Business Intelligence

Business performance information for strategic and operational decision-making

SOA

SOA uses interoperable services grouped around business processes to ease data integration

Data Warehousing

Data warehousing helps companies make sense of their operational data


Thanks for your registration, follow us on our social networks to keep up-to-date