Microsoft has decided to modify the way AutoRun works in all Windows systems to increase security and prevent malware. Does this change satisfy your need for security?
A few weeks ago, I republished an IT Security Blog post by Chad Perrin: "Help Protect Windows from Malware with No Autorun." You can read it for yourself, but the basic gist was that AutoRun should be turned off on all Windows systems as a security measure against malware attacks. Chad explained some ways to accomplish that task.
Microsoft had previously modified the way AutoRun works in Windows 7 to increase security and reduce malware attacks, but the manner in which Windows XP handled AutoRun was still a problem.
Well, on February 8, 2011, Microsoft announced that they would be applying the Windows 7 security protocols for AutoRun to Windows XP systems via the normal Update process. This change effectively disables AutoRun in Windows systems, closing a large security vulnerability. At least that is the plan.
Do you think this change closes the book on AutoRun security vulnerabilities or do you expect it will be necessary to stay vigilant to protect your systems?