Microsoft tightens Windows 7 security for USB drives

Posted by Oyya-Info on Monday, June 15, 2009 Under: Security

In the wake of the Conficker worm spreading via removable storage devices among other methods, Microsoft said on Tuesday it is making a change to the way Windows 7 handles USB drives.

As a result of the change, most USB drives will not be able to automatically launch a program using a Windows feature known as AutoRun, Microsoft said in a post on its Security Research & Defense Blog.

So, if an infected USB drive is inserted on a machine then the AutoRun task will not be displayed, Microsoft said.

Fixed removable media, such as CDs and DVDs will still be able to use AutoRun. Also, some specialized "smart" USB flash drives such as those containing U3 software will still be able to appear as DVD drives, effectively allowing them to also use AutoRun, Microsoft cautioned.

The change will show up in the release candidate version of Windows 7 that is being released to developers this week and publicly on May 5.

Microsoft said it is planning on making the change available on Windows Vista and Windows XP, as well.

In February, Microsoft released an update for Windows AutoRun that allows people to selectively disable the AutoRun functionality for drives on a system or network to provide more security. The update addressed an issue that prevented the NoDriveTypeAutoRun registry key from functioning as expected. Disabling AutoRun functionality can help prevent the execution of arbitrary code when a removable storage device is used.

The AutoRun functionality has been blamed for malware that has infected USB thumb drives, leading to a temporary ban on their use at the U.S. Defense Department, and digital photo frames, among other storage types.

In : Security 


Tags: microsoft windows 7 security autorun usb windows 7 beta windows 7 rc windows 7 release candidate 



Best Communitation Website
Which communication website is best?

Myspace
Facebook
Twitter
Furry-paws
Youtube


Make a Free Website with Yola.