Autorun-Related Malware Declines and the June 2011 Security Bulletin Release
- Tuesday, June 14, 2011, 10:50
- Threat Research
Hello there. First off, I’d like to share some news regarding the updates we made to the Autorun feature in Security Advisory 967940, which we released in February 2011. The advisory made changes to how Autorun handles “non-shiny” media (eg., USB thumb drives). The change was expected to make a significant difference to infection rates by malware that uses Autorun to propagate, and we’ve been monitoring those rates ever since.
The initial results are encouraging. As of May 2011, the number of infections found by the Malicious Software Removal Tool (MSRT) per scanned computer declined by 59 percent on Windows XP machines and by 74 percent on Windows Vista machines in comparison to the 2010 infection rates on those platforms. (Windows 7 had the updated Autorun settings built in by default.) For more details and statistics regarding the drop in Autorun-abusing malware infections, please see the Microsoft Malware Protection Center (MMPC) blog.
As we previously mentioned in the Advance Notification blog on Thursday, today we are releasing 16 security bulletins, nine of which are rated Critical, and seven of which are rated Important. There are four Critical-level updates that we want to call out as top priorities for our customers in June:
MS11-042 (DFS). This bulletin resolves two privately reported