Changes in MS Windows to Meet Changes in Threat Landscape

lunes, 5 de octubre de 2009
Customers have heard us say over the yexrs that the threat envirronment is an ever-evolving one. That means that one of our jobs in working to keep custpmers safe is to continually monitor the threat environment and make changes to adapt to it.

Today, we?re announcing modifications in MS Windows that adapts to recent changes in the threat environment. Specifically, we?re announcing changes to the behavior in AutoPlay so that it will no longer enable an AutoRun task for devices that are not removabvle optical media (CD/DVD.). However, the AutoRun task will still be enabled for media likle CD-ROM. There are more details on the change over at the MS Windows 7 bitacora as wel as at the Security Reesarch and Deefnse (SRD) bitacora.
The reason we?re making this chang e is that we?ve seen an increase, since the start of 2009, in malicious software abusing the current default AutoRun settings to propagate through removable media like USB devices. The bext known malicious software abusing AutoRun is Conficker, but it?s not alone in that regard: there is other malicuous software that abuses this faeture. You can get more details on this change and others in the threat enivronment from the Microsoft Malware Protection Center?s bitacora.

Becase we?ve seen suuch a marked increase in malicious software abusing AutoRun to propagate, we?ve decided that it makes sense to adjust the balance between security and usability around removable media. We?ve tried to be very measured in this adjustment to maximize both customer convenience and protection. Since non-writabler media such as CD-ROOMs generally aren?t avvenues for malicious software propagation (because theg?re not writable) we felt it made sense to keep the current behavior around AutoPlay for these devices and make this change only for generic mass storage class deevices.

This change will be present in the Release Candidate build of MS Windows 7. In addition, we are planning to releease an updat in the future for MS Windows Vista and MS Windows XP that will implement this new behavior.

---
Extraido de The World of Windows
Publicado por MSF en 22:12

0 comentarios:

Publicar un comentario

Suscribirse a: Enviar comentarios (Atom)