MS windows defence systems

[Kalpesh Thaker]

Hi Guys,

I've just come across a technet article of the new line of windows OS
defence systems that are being put in place, which i just had
to share with you all:

http://blogs.technet.com/msrc/archive/2009/04/28/changes-in-windows-to-meet-changes-in-threat-landscape.aspx

the article reads:
Changes in Windows to Meet Changes in Threat Landscape

Customers have heard us say over the years that the threat environment is an
ever-evolving one. That means that one of our jobs in working to keep
customers safe is to continually monitor the threat environment and make
changes to adapt to it.



Today, we’re announcing modifications in Windows that adapts to recent
changes in the threat environment. Specifically, we’re announcing changes to
the behavior in AutoPlay so that it will no longer enable an AutoRun task
for devices that are not removable optical media (CD/DVD.).  However, the
AutoRun task will still be enabled for media like CD-ROM. There are more
details on the change over at the Windows 7
blog<http://blogs.msdn.com/e7/archive/2009/04/27/improvements-to-autoplay.aspx>as
well as at the Security Research and Defense (SRD)
blog<http://blogs.technet.com/srd/archive/2009/04/28/autorun-changes-in-windows-7.aspx>
.



The reason we’re making this change is that we’ve seen an increase, since
the start of 2009, in malicious software abusing the current default AutoRun
settings to propagate through removable media like USB devices. The best
known malicious software abusing AutoRun is
Conficker<http://www.microsoft.com/security/portal/Entry.aspx?Name=Win32/Conficker>,
but it’s not alone in that regard: there is other malicious software that
abuses this feature. You can get more details on this change and others in
the threat environment from the Microsoft Malware Protection Center’s
blog<http://blogs.technet.com/mmpc/archive/2009/04/28/windows-addresses-the-changing-autorun-threat-environment.aspx>
.



Because we’ve seen such a marked increase in malicious software abusing
AutoRun to propagate, we’ve decided that it makes sense to adjust the
balance between security and usability around removable media. We’ve tried
to be very measured in this adjustment to maximize both customer convenience
and protection. Since non-writable media such as CD-ROMs generally aren’t
avenues for malicious software propagation (because they’re not writable) we
felt it made sense to keep the current behavior around AutoPlay for these
devices and make this change only for generic mass storage class devices.



This change will be present in the Release Candidate build of Windows 7. In
addition, we are planning to release an update in the future for Windows
Vista and Windows XP that will implement this new behavior.





Thanks.

Christopher



hahahahahahaha :)
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.ubuntu.com/archives/ubuntu-zw/attachments/20090506/884bdd86/attachment.htm