Windows 7 Forums

Windows 7: Deeper insight into the Security Advisory 967940 update

10 Feb 2011   #1

Win 7 Ultimate 64-bit. SP1.


Hi! I'm Adam Shostack, a program manager working in TWC Security, and I'd like to talk a bit about today's AutoRun update. Normally, I post over on the SDL blog, but of late I've been doing a lot of work in classifying and quantifying how Windows computers get compromised. One thing that popped from that analysis was the proportion of infected machines with malware that uses Autorun to propagate.

You might note that that's a convoluted sentence, and I apologize. Why can't I just say "infected because of AutoRun?" Well, because we don't actually know that. Due to the nature of the problem, it's probably not possible to acquire great data on the number of attacks that succeed by misusing Autorun. What we know, and talked about in volume 9 of our Security Intelligence Report last fall, is that a lot of malware uses Autorun as one of several propagation mechanisms. Because of the very real positive uses of Autorun, we didn't want to simply shut it off without a conversation. On the other hand, we believed action should be taken to shut down the misuse.

In April 2009 we delivered a very public message to the Windows ecosystem that we were changing the behavior of Autorun in ways that improved security. We blogged on the progress of that transition, posting "AutoRun changes in Windows 7" in April 2009. In November 2009, we posted "AutoPlay Windows 7 behavior backported" and we put out an update to do the same for older operating systems. We made that update available from the Download Center. That allowed anyone who wanted the update to seek it out and download it for themselves. Our partners expressed their concerns about that change, but by and large understood the reasons for it. Over the last few years, companies that needed the functionality incorporated U3 functionality into their devices. Others documented the change. Overall, the transition hasn't been simple, but it has worked.
Deeper insight into the Security Advisory 967940 update - MSRC - Site Home - TechNet Blogs


10 Feb 2011   #2

Microsoft Community Contributor Award Recipient

Win 7 Pro 64-bit

Seems like we've come full circle. Back in '04 (I think) TweakUI was modified for XP w/SP1 and Server 2003 to include a way to disable autorun/autoplay because of known vulnerabilities to .inf files. Looks like not much has changed.
