Windows auto run security loophole triggers widespread malware infection

computer worms

computer worms

Developers of anti-virus software are warning their users of a potential malware that exploits a loop-hole in Windows auto run.
Most at risk are users with older PCs, Windows 7 and 8 PCs are unlikely to be the infected as they are not engineered to commence autorun.inf files.

Reacting to the news, Microsoft was swift to launch patches for older PCs which are most likely to be infected. According to Microsoft, the virus is likely to spread through systems that didn’t install these patches. Other various mediums that can spread this virus are social media sites and sharing of files and folders.Sophos, McAfee, and Symantec are actively monitoring the spread of this virus. Security experts are appalled at the actions of e-criminals, as to why now they would exploit a four year bug.However, some security experts believe that this is a sign of desperation, there are fewer loopholes to exploit on newer operating systems, and as a result e-criminals are looking at older more vulnerable PC’s running older versions of Windows OS.This virus can spread through a number of mediums, including but not limited to, USB flash drives, and other portable data storage devices used on infected computers. Moreover, the virus is cable of infecting other PCs through an active network connection, which is a concern for most corporations, what’s more is that it’s already spreading fear and anxiety amongst businesses still using older Windows operating systems. Rumors have it that Facebook is also another medium that’s responsible for spreading this virus.
E-terrorists have also invented newer tactics to entice people to download these malware. Naming infected files such ‘porn’, ‘sexy’, or ‘passwords’ tend to entice folks, and they end up downloading this malware. The malware’s primary method of action is that it adds a registry key, springing into action as soon as the PC is booted. Some more sophisticated variants of this malware will also disable Windows update, in essence, preventing Windows from downloading a patch to counteract the virus’s effects.

Once a computer is infected, the malware then contacts a server, which instructs it what to do, and enables the PC to download other malware such as Trojans, Zeus, and supplementary malware capable of stealing e-credentials such as online banking login usernames and passwords.

If your computer happens to be infected with this virus or perhaps you are running windows vista or older, experts recommend you disable auto run manually on all associated programs on windows OS, as well as restrict files sharing. The malware doesn’t have a single name but goes by many names, the following list of names are associated with this type of malware, VOBFUS, Changeup and WORM_ W32/VBNA-X, and W32/Autorun.worm.aaeb. Moreover, experts also urge that in order to stay safe, start by updating your anti-malware software, and in order to protect critical data, employ the use of data security software.

According to Microsoft, the malware is losing its steam; back 2011, infection rates from this malware has declined 59% on PC’s running windows XP, 74% down for visa.



About Jonathan Ladd

Jonathan Ladd is a Senior Security Analyst at NewSoftwares. His primary focus is to provide useful advice and deep insight into the latest threats for system and application level security. He is an IT professional with the goal of providing clear guidance on complex topics. View all posts by Jonathan Ladd

2 Comments to Windows auto run security loophole triggers widespread malware infection

  1. Many computers are infected by virus and it cause many problems there are some good anti virus software which you can install for the security purpose.

Leave a Reply