Warnings of the new USB attack vector began to appear recently, including a Microsoft Advisory which included the observation that one attack approach could come via removable drives.
Vulnerable versions of Windows, including Service Packs, identified by Microsoft are:
Look for Microsoft to address this one aggressively and quickly — the breadth of the exposure guarantees that.
And look at the announcement of this new vulnerability, and particularly the USB/AutoRun/AutoPlay as an opportunity to tighten up on your company’s approach to both removable drives, and automatic executions.
AutoRun-based attacks launched from USB drives — or CD-Roms — are nothing new; we’ve talked here of USB risks before.
Disabling AutoRun, and any automatic players seems to me to be a good first step. But equally important is establishing and communicating a solid removable drive policy — and, by extension, a solid overall device and media policy — that could at least make employees aware of the large risks that can come in small attachable packages.
The first instance of a website dates back to November 1992, just a year after…
In today’s digital landscape, having a strong online presence is essential for any business. This…
Imagine trying to explain your movement through a crowded room using only the sounds of…
In the ever-evolving world of online commerce, having the right tools at your disposal is…
In the vast landscape of online content, YouTube has emerged as a powerhouse for creators…
In the ever-changing world of digital marketing, strengthening security goes beyond simply supporting firewalls. It…
View Comments