Tag: USB Drives

Microsoft to Fix Autorun Issue for Windows XP

The windows autorun feature has been a cake for the malware and botnet creators, based on which they designed many attacks. Being a main aid to trojans and viruse like Conficker, Taterf, Rimecud, Autorun, etc, the autorun was more seen to be as a vulnerability than a feature.

PCs using Windows XP were the most exploited ones due to the autorun feature. According to Microsoft, Windows XP users were 10 times more likely to get exploited due to the Autorun feature compared to others. Learning from past, Windows 7 was launched with a different configuration of Autorun through which Microsoft was successful in reducing the autorun-abusing malware attacks.

Now, Microsoft wants to resolve the autorun issue in Windows XP too. In a technet blog, Adam Shostack, a program manager of TWC Security has announced to release an “Important, non-security update” that would install the security protocols used in Windows 7 in to Windows XP.

As per the new protocol:

  • The autorun feature is confined to work only for CD/DVDs and will no longer support non-optical removal media like USB drives.
  • The dialog box of Autoplay clarifies that the program being executed is running from external media.

For updating it manually in Windows XP, Windows Server 2003, Windows Vista or Windows Server 2008, visit http://support.microsoft.com/kb/971029.

How to Disable Autorun Feature in Windows PC

Your network might seem well protected with all the security measures you have taken from direct attacks. But a whopping 25 percent of malware today is developed to spread through USB devices. Infection through USB drives spreads undetectable into the network and makes it harder to deal with later.

The autorun feature in Windows will simply make the operating system execute anything it is told to execute by an autorun.inf file on the removable media. Disabling autorun is one of the best methods to secure your PCs from notorious USB drives.

The process to disable autorun in Windows XP Professional, Server 2003 and 2000 versions is as follows:

  • Click StartRun → type Gpedit.msc Enter
  • In the window that opens, go to Computer Configuration and expand Administrative Templates
  • Click System and go to Settings pane
  • Right click on Turn off Autoplay and select Properties → Enabled
  • Select the required drives in the Turn off Autoplay box to disable Autorun on respective drives or select All drives to disable on all drives
  • Click OK
  • Restart the computer

The process to disable autorun in Windows Server 2008 or Windows Vista versions is as follows:

  • Click Start → type Gpedit.msc in Search programs and files box and hit Enter
  • In the window that opens, go to Computer Configuration → expand Administrative Templates → expand Windows Components and click on Autoplay Policies
  • In the Details pane, double-click Turn off Autoplay
  • Select Enabled
  • Select the required drives in the Turn off Autoplay box to disable Autorun on respective drives or select All drives to disable on all drives
  • Click OK
  • Restart the computer

The process to disable autorun in Windows 7

  • Click Start → type Gpedit.msc in Search programs and files box and hit Enter
  • In the window that opens, go to Computer Configuration → expand Administrative Templates → expand Windows Components
  • Right click on Turn off Autoplay and select Edit
  • Select Enabled
  • Select the required drives in the Turn off Autoplay box to disable Autorun on respective drives or select All drives to disable on all drives
  • Click Apply → OK
  • Restart the computer

Related Links:
website monitoring service

Securing Your PCs from Notorious USB Drives

No amount of precautions and security measures for a network will equal the vulnerability created by a small USB device. You can see all the pain you have taken to make your network secure, crumble in a matter of seconds, due to an issue caused by a USB drive. USB drives are small, handy and convenient but one can’t imagine how notorious they are.

Few instances here will tell you how dangerous can a small USB drive be:

  • According to research from Avast, roughly one in eight of the 700,000-plus malware incidents it identified in 2010 were due to tainted USB devices.
  • Security consulting and research firm the Ponemon Institute, found that more than 800,000 data-sensitive devices, including USB drives, portable hard drives and laptops, were compromised in 2009.
  • The top two virus threats reported by BitDefender, are actually spread through USB drives.
  • According to research by Panda Security, a whopping 25 percent of malware today is developed to spread through USB devices.
  • Recently, an assistant professor and his student at George Mason University, demonstrated how Operating Systems fail a USB Attack. They just used a smartphone connected to a PC through a USB cable and were able to hack it. The professor simply credited his successful exploit to the USB protocol which does not ask for authentication when an unknown device connects to a computing platform.

These are only a few instances on what an infected USB drive can do.

pendrive-150x150USBs – a threat for Corporate Networks
An employee can simply bring in an infected USB drive to office, knowingly or unknowingly, and connect it to his system and get it infected. The system then spreads its infection to other PCs over the network. A research report from Avast says that more than 60 percent of all malware in circulation can be spread via USB drives. To corporate networks, notorious USB devices are not just confined to spreading malware. They simply offer a way for indiscernible data stealing.

Precautions and necessary steps to be secure
The situation today isn’t so worse that the USB drives would simply force the users to face the threats they impose. It requires just a few changes in the default settings of USB ports to eliminate the hazards of notorious USB drives. Few of them are as follows:

  • Disabling autorun option (Windows PCs)
  • Blocking unauthorized USB devices
  • Maintain personal and business USB drives separate. So that you don’t contaminate your office network from threats outside.
  • Do not plug an unknown USB drive into your computer. This is a simple precaution but works best.
  • As prevention is better than cure, you can just block USB drives on your computer/laptop (through registry key settings in Windows OS) permanently and use alternatives.

(more…)