US-CERT Says Microsoft's Advice On Downadup Worm Bogus

CWmike writes "Microsoft's advice on disabling Windows' 'Autorun' feature is flawed, the US Computer Emergency Readiness Team (US-CERT) said today, and it leaves users who rely on its guidelines to protect their PCs against the fast-spreading Downadup worm open to attack. US-CERT said in an alert that Microsoft's instructions on turning off Autorun are 'not fully effective' and 'could be considered a vulnerability.' The flaw in Microsoft's guidelines are important at the moment, because the 'Downadup' worm, which has compromised more computers than any other attack in years, can spread through USB devices, such as flash drives and cameras, by taking advantage of Windows' Autorun and Autoplay features."

Re:I'm a linux what's a worm?

[Foofoobar]

And you neglect to point out that it did nothing and that UNIX systems were the first to learn how to protect against worms as a result. But did Mcrosoft choose to learn from the lessons of it's predecessors? No. It chose to ignore successful security methodologies in order to allow open communications between all software systems, api's and the user. The system was designed to be open by default... not secure. Security was ALWAYS an afterthought.