14 DAY TRIAL // It’s simply amazing how much impact an apparently minor security mitigation managed to deliver in the case Autorun-abusing malware. Autorun-related Windows XP and Windows Vista infection rates have dropped dramatically in the first half of 2011 compared to the previous year, all thanks to an update to the feature which was backported from Windows 7 to supported versions of its predecessors.
According to Microsoft Malicious Software Removal Tool (MSRT) statistics for May 2011, XP accounted for 59% less Autorun-related malicious code infections, with Vista users benefiting from a 74% drop vs. 2010 infection rates.
Malware families such as Taterf, Rimecud, Conficker, and Autorun have been designed to abuse the Windows Autorun feature, leveraging infected removable media as a launch pad.
The malicious code would launch the AutoPlay functionality automatically and compromise the computers of unsuspecting victims, then infect additional removable media and use it to spread the infection to more machines.
In Windows 7 Microsoft put a stop to this, and as such, this version of Windows has the lowest infection rate related to Autorun abuse out of all Microsoft platforms.
In the second half of 2010 the software giant backported the evolved Windows 7 Autorun feature to XP and Vista, but at that time, customers needed to download and install it manually. But as of February 2011, the Redmond company started serving the Autorun update to XP and Vista users.
“These infections started their decline when the update was released and in May hit an all-time low,” revealed Holly Stewart, from MMPC. “In comparison to the three months prior to the update, we saw 1.3 million fewer infections on Windows Vista and XP from February to May.”
“The overall infection rates changed, too. By May of 2011, the number of infections found by the Microsoft Malicious Software Removal Tool (MSRT) per scanned computer was reduced by 68% (all operating systems, all service packs) in comparison to the 2010 infection rates.”
