Windows Patches Security Hole with Feb. Updates

Flash DriveI dread the second Tuesday of every month. I know that, when I open my laptop that day, I’ll be faced with a threat: Restart your computer...or else.

Yes, it’s Windows update time again, and while I was not happy to end my days-long session yesterday, I’m comforted by the fact that this month’s download gets rid of autorun, a feature that has long posed a significant security risk for personal and enterprise users alike.

This feature hearkens back to the mid-’90s, the heyday of CD-ROMs, when many programs and games relied upon it to start up. You’d just insert the CD, and poof! The computer would do the rest. It was perfect for the many non-technical users who were new to computers and such concepts as navigating a directory.

While most of us have discarded our Encarta Encyclopedia CDs, the autorun feature has made the jump to the next generation of removable storage: the flash drive. Malware creators target the media by writing autorun code into malicious programs likely to make it to flash drives. Then, when a user inserts the device into his or her computer, Windows automatically runs the malware, automatically infecting the machine.

Although disabling autorun does result in a loss of convenience, it will be a boon to enterprises already worried about the contents of their employees’ flash drives. Those employee devices lack the sophisticated security measures that enterprise networks have and thus are more likely to introduce malware into the network.

Disabling autorun will also help keep regular users’ computers safe, as many individual anti-virus programs do not scan flash drives before running the programs. And now that I’m done installing this update on my personal computer, I’ve got 26 days of freedom.

Posted by Laura Williams on Feb 09, 2011

  • Ahead of Current Events Ahead of Current Events

    In this episode, Ralph C. Jensen chats with Dana Barnes, president of global government at Dataminr. We talk about the evolution of Dataminr and how data software benefits business and personnel alike. Dataminr delivers the earliest warnings on high impact events and critical information far in advance of other sources, enabling faster response, more effective risk mitigation for both public and private sector organizations. Barnes recites Dataminr history and how their platform works. With so much emphasis on cybersecurity, Barnes goes into detail about his cybersecurity background and the measures Dataminr takes to ensure safe and secure implementation.

Digital Edition

  • Environmental Protection
  • Occupational Health & Safety
  • Spaces4Learning
  • Campus Security & Life Safety