computerwoche.de

Archiv

Stop Worms From Automatically Spreading, Easily

26.02.2009
One of the ways the Conficker worm and other, similar malware slimes its way from computer to computer is by taking advantage of the Autorun feature in Windows. If Conficker finds removable media (like a USB drive) on a PC it infects, it will infect that media in such a way that it will exploit Autorun to attempt to automatically infect a new computer when the drive is connected.

Microsoft has shared instructions for , but the steps are really meant for systems administrators rather than the average person. And up until this week, when , the steps may not have even worked correctly, .

An easier solution, first and then , involves far fewer steps, but you'd still need to copy a few lines of code and create your own script. Not a big deal, but it could be easier.

Enter your friendly neighborhood security blogger. I followed the steps described by Brown to create that you can simply download and double-click to disable AutoRun. And just to be thorough, I did the same for .

I believe the script only works for Windows XP, but if you know differently, by all means let us know with a comment below. Also, it's important to note that if you turn off Autorun, you'll have to manually find and double-click installation programs and other things that would have been automatically started by Autorun.

You might also run into trouble with U3 usb drives. But you will block off one of malware's dirty tricks.