Huge decline of Autorun-abusing malware

Infections with malware that abuses the Windows Autorun feature by automatically enabling AutoPlay have been declining since February, says Microsoft, and credits the security updates for Windows XP and Vista they started releasing at the beginning of that month for that decline.

“Autorun” malware presented a great problem all through 2010, and something had to be done about it. Microsoft decided to make the Autorun feature in question more “locked-down” on the two aforementioned platforms, and the action has paid off.

“By May of 2011, the number of infections found by the Microsoft Malicious Software Removal Tool per scanned computer was reduced by 59% on XP and by 74% on Vista in comparison to the 2010 infection rates,” says Holly Stewart, senior program manager from the Microsoft Malware Protection Center.

Another effect – an unexpected one – is that the number of infection attempts on systems that were protected with Microsoft’s proactive defense solutions also declined steeply immediately after the release of the update.

But the reason why the infections and infections attempts haven’t fallen to zero is the fact that the Autorun feature is only one propagation method these malware families use. “Abusing Autorun was only one trick up their collective sleeve. However, judging by the numbers in our data, it was a lucrative one,” comments Steward.