USB Autorun malware on the wane

Filed Under: Malware, Microsoft, Windows

Woman holding USB stickHere's some good news in the ongoing fight against Windows-based malware - it appears that there has been a significant drop in the number of computers being infected by malware which exploits the Windows Autorun feature.

Autorun is the technology which makes a program start automatically when you insert a CD or USB stick into your Windows PC. You may have spotted the tell-tale Autorun.inf files in the root directory of your USB sticks and on CDs in the past.

Autorun may sound like it's great for functionality, but a large amount of malware (the most notorious example would probably be the Conficker worm) has exploited the technology to infect computers via USB sticks in the past.

Earlier this year, Microsoft rolled out an update, effectively preventing Autorun malware from automatically infecting PCs without the user's permission.

And the good news is that it appears to have worked.

Microsoft chart of Autorun infections

According to research done by Microsoft, by May 2011 the number of infections found on scanned computers had reduced by 59% on XP and by 74% on Vista in comparison to the 2010.

Of course, disabling Autorun doesn't mean the 100% eradication of all Autorun malware - as some examples use a variety of alternative techniques to spread beyond using the Autorun functionality.

Well done to Microsoft for removing most of the weeds from that particular corner of the malware garden.

, , , ,

You might like

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

About the author

Graham Cluley runs his own award-winning computer security blog at, and is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s. Now an independent security analyst, he regularly makes media appearances and gives computer security presentations. Follow him on Twitter at @gcluley