The dark corners of shady Internet bars just became a whole lot safer thanks to Microsoft. The boys and girls in Redmond noticed a disturbing trend towards the end of 2010; the rate of infection due to malware spread via Autorun was skyrocketing. Rather than shrugging their shoulders and telling Symantec to deal with it, the company released an update in February that disabled most Autorun functions on Windows PCs. Four months later, the results are in – malware authors looking to slip your computer a mickey via infected flash drives had better start looking at Linux instead.
Microsoft gauged its success by looking at the number of computers infected by common Autonrun-spread virus families like Taterf, Rimecud, Conficker, and Autorun. They compared the number of infections reported in January, the month before the update took effect, against the number of infections reported in May. The results are astonishing – XP computers saw 59 percent fewer Autorun virus infections, and the malware rate on Vista machines dropped a full 74 percent! Computers running Vista SP2 saw the most benefits, with an 82 percent decrease in infections since January.
Microsoft's blog post showed an interesting side effect: even operating systems that didn't receive the update, like Windows 7 (which already blocked Autorun) and Windows XP SP2 (which is no longer supported), saw a reduced number of infections. Could malware authors be dropping Autorun attacks out of their general arsenal as it becomes more and more difficult to break into the treasure chest of Windows users?