Warnings of the new USB attack vector began to appear recently, including a Microsoft Advisory which included the observation that one attack approach could come via removable drives.
Vulnerable versions of Windows, including Service Packs, identified by Microsoft are:
Look for Microsoft to address this one aggressively and quickly — the breadth of the exposure guarantees that.
And look at the announcement of this new vulnerability, and particularly the USB/AutoRun/AutoPlay as an opportunity to tighten up on your company’s approach to both removable drives, and automatic executions.
AutoRun-based attacks launched from USB drives — or CD-Roms — are nothing new; we’ve talked here of USB risks before.
Disabling AutoRun, and any automatic players seems to me to be a good first step. But equally important is establishing and communicating a solid removable drive policy — and, by extension, a solid overall device and media policy — that could at least make employees aware of the large risks that can come in small attachable packages.
In the ever-evolving world of online commerce, having the right tools at your disposal is…
In the vast landscape of online content, YouTube has emerged as a powerhouse for creators…
In the ever-changing world of digital marketing, strengthening security goes beyond simply supporting firewalls. It…
In the digital age, having a strong online presence is paramount for businesses of all…
In a world where digital identity is becoming increasingly vital, services like Gmail and Google…
In the ever-evolving landscape of technology, some remarkable stories stand as milestones in the journey…
View Comments