Slashdot Mirror

← Back to Stories (view on slashdot.org)

US-CERT Says Microsoft's Advice On Downadup Worm Bogus

Posted by samzenpus on from the protect-yourself-at-all-times dept.

CWmike writes "Microsoft's advice on disabling Windows' 'Autorun' feature is flawed, the US Computer Emergency Readiness Team (US-CERT) said today, and it leaves users who rely on its guidelines to protect their PCs against the fast-spreading Downadup worm open to attack. US-CERT said in an alert that Microsoft's instructions on turning off Autorun are 'not fully effective' and 'could be considered a vulnerability.' The flaw in Microsoft's guidelines are important at the moment, because the 'Downadup' worm, which has compromised more computers than any other attack in years, can spread through USB devices, such as flash drives and cameras, by taking advantage of Windows' Autorun and Autoplay features."

12 of 290 comments (clear)

  1. News? by Anonymous Coward · · Score: 1, Funny

    Why is this considered news? Microsoft's security recommendations have never been taken seriously. We're supposed to still not take them seriously? Ok. But not news, as, obviously, this is nothing new. Obviously.

  2. Re:I'm a linux what's a worm? by Anonymous Coward · · Score: 4, Funny

    There's a new sound, the newest sound around
    The strangest sound that you have ever heard
    Not like a wild boar or a jungle lion's roar
    It isn't like the cry of any bird
    But there's a new sound, it's deep down in the ground
    And everyone who listens to it squirms
    Because this new, new sound so deep under the ground
    Is the sound that's made by worms

  3. Re:Hmmm... by Timothy+Brownawell · · Score: 2, Funny

    Microsoft supplied the software that allows people's computers to become infected, then gave them false information leading them to believe they're safe, when they're not really.

    Suspicious...

    Yeah, it's almost like they value convenience over security (having autorun), and don't know how to write perfect bug-free software like the space shuttle people do (look at the "Update:" at the end of the advisory, the fix instructions should have worked, but they don't without a patch).

  4. Re:Are there pies in space? by Anonymous Coward · · Score: 1, Funny
    I am asking Slashdot because you are very intelligent beings?

    Yes, but because there's no gravity in space, we have to use very powerful electric currents to magnetise our pies.

    We call them magpies and eat them at our space-football games with hot chips and source.

    Go Collingwood! Yeah.

  5. Re:Would like to see a worm disable Vista's DRM by Anonymous Coward · · Score: 5, Funny

    The 1 step guide to getting cheap mod points on Slashdot

    1) Mention DRM

  6. Re:Why so hard to diable autorun by John+Hasler · · Score: 2, Funny

    > Have there been any cases where animals wandered through the automatic doors into some
    > large store?

    Yes, but not nine million of them.

    --
    Warning: this article may contain humor, sarcasm, parody, and perhaps even irony. Read at your own risk.
  7. Re:I'm a linux what's a worm? by KozmoKramer · · Score: 5, Funny

    Thanks for pulling up that Gem from 20 + years ago. You and my wife must be related!

    --
    My name is Inigo Montoya. You killed my Father! Prepare to die!
  8. Re:Default settings are a blessing and a burden by grumling · · Score: 2, Funny

    Reading package lists... Done
    Building dependency tree
    Reading state information... Done
    E: Couldn't find package omgponies

    Hey... That didn't work.

    --
    "Well, good luck finding a judge that doesn't run a bestiality site."
  9. Re:Non-Windows User Here by symbolset · · Score: 3, Funny

    You clearly underestimate the necessity of such a useful feature as autorun. Sure, Microsoft innovates in this area, but the feature is becoming more common in all devices.

    My cell phone has auto-answer. My dvr has auto-record. My paper shredder even automatically runs when you put paper in.

    There is a downside of course. The auto-run on the disposal has mangled a fork and a few spoons. The auto-run on the table saw was the most disconcerting, but if you're on your toes about precautions nothing bad will happen.

    --
    Help stamp out iliturcy.
  10. Re:I'm a linux what's a worm? by ozmanjusri · · Score: 2, Funny
    I've never heard Windows described quite that way.

    Try working in software support then.

    I've heard it called much worse.

    --
    "I've got more toys than Teruhisa Kitahara."
  11. Re:Non-Windows User Here by Anonymous Coward · · Score: 1, Funny

    On your advice I purchased a table saw with an auto-run feature, all was going well until I tried your advice of being on my toes, sadly I will no longer have said toes

  12. Re:RANT / was(Re:I'm a linux what's a worm?) by OolimPhon · · Score: 5, Funny

    Do you really think that people use passwords like this

      makepasswd --char=32 --count=10
    CLWwBsm1c15IFadg4KTjrHhCBjFP8RNI -- for slashdot
    RLQaXqSEfRHgLnwjjbgoJU5y4Uya2hM6 -- for gmail
    NebgFMATH990vB8US8CE4zMgeR7uum02 -- for Administrator
    SFa0qT5nIQuLYtTsq44I8336ghEBApiD -- for user account
    smcruMr8rzE6PFHzus8AmPcIoKNFy0Rh -- for facebook
    L6wynpgAHoINdQm2CWwXdfSiJrBzQ8YG -- for myspace
    Q3D1JBVXtgPNNo4bm16WAcKPMhox8s6C -- for banking
    L1hEhuisoFcnoyGEYxPYqW8Hq4Qs2EmY -- for retirement account
    2RqaobNEKyQIIoUVoFPty6EruLQhVE0F -- for work login
    s0zJFsLiWCSN0e5fCEvpi48GV4D0PjyH -- for paypal

    Hey! How come you know all the combinations to my luggage?