A number of new virus and malware threats have appeared for users of Windows XP and Internet Explorer recently. See Three million hit by Windows worm, BBC News, 16 Jan 2009

Do you really need autorun?

Prior to the dominance of internet worms, the main method of transmission of viruses was through removable media such as floppy discs. It now seems that USB flash drives are becoming a very significant transmission vector. USB worms run themselves by creating a file called AUTORUN.INF on the root folder of USB drives (including other USB devices like cameras or MP3 players) – this file may appear to be junk but may run a hidden file with a non-standard three-letter extension. Every Windows workstation in an organisation should be protected by an up-to-date antivirus, but it is a worry that new variants appear that may not be detected even by “fuzzy” heuristics, and some antivirus programs may be configured to only scan for known executable file types.

We would suggest you might want to turn off the “autoplay” and “autorun” features on Windows, which some people find irritating even if not a security risk; it can also trigger when connecting to network drives. To turn off Autoplay on Windows XP, if you have a USB drive known to be clean, you can insert it, and right-click on its icon in My Computer. Then choose Properties > Autoplay and select “Take no action” for each type. (You can also do this for CDs if you think you are able to install any necessary software in future by finding a program called Setup.)

To turn off Autorun correctly on an up-to-date Windows installation, use the Group Policy management console. Go to Start > Run and type in gpedit.msc. Select the local Computer Configuration > Administrative Templates > Windows Components > Autoplay policies. The right-hand pane gives a list of policy options including “Turn off Autoplay”. Double click this, and in the properties box, select “enabled” (i.e. enable turning off autoplay), and “Turn off autoplay” on “All drives”. Click OK, and restart the computer.

For XP Home without a Group Policy console, you can install TweakUI and in the TweakUI control panel, go to My Computer > Autoplay > Drives, and untick each drive.

Keep software up-to-date if possible.

Microsoft has issued notices of several vulnerabilities in Windows that have been exploited by malicious software, including MS08-067 from last October, and issued patches to fix the problems.

GreenNet appreciates that there are a number of Windows 95/98/ME users who don’t want to or are unable to buy new hardware. Microsoft stopped issuing new patches for Internet Explorer 6 (IE6) for Windows 9x in 2006, although IE6 is still updated in Windows 2000/XP. The easiest thing for people with Windows 9x is to use a browser other than Internet Explorer, such as Firefox 2.0.0.20 or preferably Opera. Opera is still maintained for Windows 9x. Windows 9x users should also have some kind of firewall enabled, either in a broadband router, or a personal firewall such as ZoneAlarm.

Novice users with Windows XP may not realise what version of Windows XP they are running. Antivirus companies and security experts recommend updating Windows regularly, but prior to Service Pack 2 of Windows XP this was not automatic. If you are not sure what version of Windows XP you have, put aside some time and visit Windows Update Many people even with SP2 turn off automatic updates because it downloading and installing can slow up the PC. This means you have to remember to do it manually.

There have also been security vulnerabilities in Acrobat Reader and Microsoft Word recently. We haven’t seen many attempts to exploit them, but free updates are available.