Microsoft has backported changes to its AutoRun and AutoPlay features to Windows Vista and Windows XP to help users fight malware that spreads via USB devices.
Microsoft made the change in Windows 7 earlier in 2009 to stop the spread of the infamous Conficker worm, which was taking advantage of these features to silently jump from PC to PC. With the change, Windows will no longer display the AutoRun task in the AutoPlay dialog except for removable optical media such as CDs and DVDs.
The change was made available for XP, Vista, and Windows Server 2003 and 2008 on Aug. 25. Information on how to download the updates can be found here.
The decision to make the change followed the well-publicized growth of malware spreading via USB devices during the past couple of years. In fact, a report by Symantec found that self-copying to removable media was among the most common means of malware propagation in the second half of 2007.
“McAfee expects increased attacks involving USB sticks and flash-memory devices used in cameras, picture frames and other consumer electronics,” Dave Marcus, director of security research at McAfee Avert Labs, blogged in January. “This trend will continue due to the almost unregulated use of flash storage [devices] across enterprise environments as well as their popularity among consumers.”