Conficker prompts Windows Autorun lockdown

Microsoft has issued a security patch that changes how earlier versions of its flagship Windows operating system handle security when reading “non-shiny” storage media.

“Windows 7 already disables Autorun for devices such as USB thumb drives, which prevents malware lurking on such drives from loading itself onto computers without user interaction,” said Microsoft spokesperson Angela Gunn.

“[Now], earlier versions of Windows gain that security-conscious functionality as well. We believe this is a huge step towards combating one of the most prevalent infection vectors used by malware such as Conficker.”

Adam Shostack, a Microsoft security expert, added that now was clearly “the right time” to widely disseminate the Autorun update.

“Changing behavior for a running system is never a trivial thing, and we take it incredibly seriously. It would be a bad outcome for people to think they have to make a tradeoff between security and anything else.

“Updates to protect against vulnerabilities are an important part of keeping a system secure. We had to be very confident that this change was the right balance for most people.”

Shostack also noted the availability of an Autorun “Fix It” that allows users to roll back the patch and restore previous Autorun functionality.