Jump to content
The Inquirer-Home
Chips > Security

Microsoft slammed over security advice

Nibble CERT says Downadup workaround is dumb
By Nick Farrell
Thursday, 22 January 2009, 13:07

US COMPUTER Emergency Readiness Team (US-CERT) has warned that Microsoft's advice about how to beat the Downadup worm is flawed.

Vole recommended switching off Windows' Autorun feature as a method of stopping one of the fastest-spreading attacks on the Web.

However US-CERT said Microsoft's instructions on turning off Autorun are "not fully effective" and "could be considered a vulnerability." µ

L'Inq
CERT

Share this:

< Previous article| Next article >
Comments
Why?

Would you mind telling us why?

You have given a statement that their advice to turn off autorun is not fully effective, but why? I know it may seem obvious, but a good article does not just make statements - it backs them up with reasons and evidence.

Also, where is the mention of the Windows update file they released? If turning off autorun is their advice, why release an update? Clearly their 'advice' is also to keep up to date with Windows updates.

Come on, if you are going to post an article, do a decent job and post a more complete article.

posted by : Dan, 22 January 2009 Complain about this comment
article misleading

The linked CERT advisory tells us that they method in which Microsoft says to disable Autorun is not fully effective. They outline an example to prove it and also how to properly disable it for all drives. The article is not specifically about the recent worm outbreak, merely about a flaw in one of Microsoft's recommended workarounds.

posted by : Jason, 22 January 2009 Complain about this comment
Call the police

The INQ misleading? Posting incomplete information? No reasons or evidence? I wonder why it was labelled 'Nibble'?

Just a thought.

posted by : The Green Crayon, 22 January 2009 Complain about this comment
Technical Cyber Security Alert TA09-020A

Here's the US-CERT article in question (TA09-020A):
http://www.us-cert.gov/cas/techalerts/TA09-020A.html

posted by : cybersaur, 22 January 2009 Complain about this comment
Dumb de dumb...

I can't believe anyone dumb enough to ALLOW any autorun feature on their machine in the current environment.... It's one of the first things I disable on any new computer.

posted by : Chubster, 22 January 2009 Complain about this comment
Programmer

Once you HAVE the virus, you can no longer download updates from Microsoft and most antivirus software vendors. One thing the virus does is block requests from you computer to these web sites. Following the steps from a site I found - http://www.downadup.com - downloading a free removal tool, disabling AutoPlay, and repairing the registry - you can remove this virus and protect from infection.

posted by : PhilB, 25 January 2009 Complain about this comment
Sandisk Cruzer GB usb drives,

the program will not let you delete the part of the usb drive it's on. If anyone knows how to do this please reply ;-)

If Sandisk are selling USB drives like this then it's no surprise that virus writers are exploiting Sandisk's usb drives.

PS - I know it's not just Sandisk, but still I'll start there ;-).

PPS - The Inq, please FIX THE COMMENT PARAGRAPH BUG.

posted by : interested_party, 25 January 2009 Complain about this comment
Advertisement
Subscribe to the INQ Newsletter
Sign-up for the INQBot weekly newsletter
Click here to sign up Existing user
INQ Whitepapers

Business Intelligence Software

Customer Relationship Management (CRM)

Enterprise Accounting Software

Enterprise Resource Planning (ERP)

Enterprise Systems Management

Jobs
Powered by INQJOBS
Advertisement
INQ Poll

Windows 7 impressions

How is windows 7 working out for you?

View other polls
Follow us:
Business & Technology websites:
Business research resources:
Products:
Investment Market IT websites:
Find out what you are worth:
Search for a job: