Current Activity - Removable Media Security Practices

[Current Activity <us-cert () us-cert gov>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

US-CERT Current Activity

Removable Media Security Practices

Original release date: November 1, 2010 at 11:24 am
Last revised: November 1, 2010 at 11:24 am


US-CERT is aware of recent reports indicating that some newly
purchased removable media devices are infected with malicious code.
This malicious code is a worm that attempts to propagate itself via
multiple methods. If a Windows user connects an affected removable
media device to a system that has autorun enabled, the system may
become infected with this malware with no additional interaction from
the user. Autorun is enabled by default.

US-CERT encourages users and administrators to consider implementing
the following best security practices to help mitigate the risks
associated with this type of issue:
  * Disable autorun in Windows.
  * Maintain up-to-date antivirus software.
  * Maintain up-to-date hardware, operating systems, and software by
    applying security patches, fixes, and updates.
  * Perform virus scanning of the removable media devices prior to
    each use.

Information about disabling autorun in Windows, including a fix-it
tool, can be found in Microsoft knowledgebase article 967715.

Relevant Url(s):
<http://support.microsoft.com/kb/967715>

====
This entry is available at
http://www.us-cert.gov/current/index.html#removable_media_security_practices

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)

iQEVAwUBTM7cgT6pPKYJORa3AQJEQwf/YqVeOuLZNVE9Tr+C4XVA13bU/jI6pGcw
9JS+hilho9iQ3bUiKWUKwOt3kP3ZLZKpuVV9VuBPtuevt0x2QmCFKocSIAJ4ZdWU
n+j3XkZAqIHvYHlaDM0jt2uk+GGT1OK65WTQ+jMznazShh8GtBQNOm8WyF2LWmlp
xgPFyjOAq1UT0D3grecn6OJttFJJ1ZaKh9e9enkXdtZZ34JZSEIfPHK7RvVL9/rp
5xftFQuwgmlKwv98heyJL/MWTUZLyd8lEdt4FLkrOXdr1sPiEScd0Wtmw30F6J53
v74jjkq7/ILPoHfDkrC7TzDizxtSu6b+286rwf/UBhOmZLbE+6fl8w==
=/VQA
-----END PGP SIGNATURE-----