Slashdot Mirror

← Back to Stories (view on slashdot.org)

US-CERT Says Microsoft's Advice On Downadup Worm Bogus

Posted by samzenpus on from the protect-yourself-at-all-times dept.

CWmike writes "Microsoft's advice on disabling Windows' 'Autorun' feature is flawed, the US Computer Emergency Readiness Team (US-CERT) said today, and it leaves users who rely on its guidelines to protect their PCs against the fast-spreading Downadup worm open to attack. US-CERT said in an alert that Microsoft's instructions on turning off Autorun are 'not fully effective' and 'could be considered a vulnerability.' The flaw in Microsoft's guidelines are important at the moment, because the 'Downadup' worm, which has compromised more computers than any other attack in years, can spread through USB devices, such as flash drives and cameras, by taking advantage of Windows' Autorun and Autoplay features."

5 of 290 comments (clear)

  1. Re:I'm a linux what's a worm? by Anonymous Coward · · Score: 4, Funny

    There's a new sound, the newest sound around
    The strangest sound that you have ever heard
    Not like a wild boar or a jungle lion's roar
    It isn't like the cry of any bird
    But there's a new sound, it's deep down in the ground
    And everyone who listens to it squirms
    Because this new, new sound so deep under the ground
    Is the sound that's made by worms

  2. Re:Would like to see a worm disable Vista's DRM by Anonymous Coward · · Score: 5, Funny

    The 1 step guide to getting cheap mod points on Slashdot

    1) Mention DRM

  3. Re:I'm a linux what's a worm? by KozmoKramer · · Score: 5, Funny

    Thanks for pulling up that Gem from 20 + years ago. You and my wife must be related!

    --
    My name is Inigo Montoya. You killed my Father! Prepare to die!
  4. Re:Non-Windows User Here by symbolset · · Score: 3, Funny

    You clearly underestimate the necessity of such a useful feature as autorun. Sure, Microsoft innovates in this area, but the feature is becoming more common in all devices.

    My cell phone has auto-answer. My dvr has auto-record. My paper shredder even automatically runs when you put paper in.

    There is a downside of course. The auto-run on the disposal has mangled a fork and a few spoons. The auto-run on the table saw was the most disconcerting, but if you're on your toes about precautions nothing bad will happen.

    --
    Help stamp out iliturcy.
  5. Re:RANT / was(Re:I'm a linux what's a worm?) by OolimPhon · · Score: 5, Funny

    Do you really think that people use passwords like this

      makepasswd --char=32 --count=10
    CLWwBsm1c15IFadg4KTjrHhCBjFP8RNI -- for slashdot
    RLQaXqSEfRHgLnwjjbgoJU5y4Uya2hM6 -- for gmail
    NebgFMATH990vB8US8CE4zMgeR7uum02 -- for Administrator
    SFa0qT5nIQuLYtTsq44I8336ghEBApiD -- for user account
    smcruMr8rzE6PFHzus8AmPcIoKNFy0Rh -- for facebook
    L6wynpgAHoINdQm2CWwXdfSiJrBzQ8YG -- for myspace
    Q3D1JBVXtgPNNo4bm16WAcKPMhox8s6C -- for banking
    L1hEhuisoFcnoyGEYxPYqW8Hq4Qs2EmY -- for retirement account
    2RqaobNEKyQIIoUVoFPty6EruLQhVE0F -- for work login
    s0zJFsLiWCSN0e5fCEvpi48GV4D0PjyH -- for paypal

    Hey! How come you know all the combinations to my luggage?