If we needed any further reminders, new data has shown that malware which exploits the Windows Autorun vulnerability accounts for more than 35% of the top 10 global infections so far this year.  This is more than double the proportion found in the second half of 2008.

The key findings from Microsoft’s Security Intelligence Report Version 7 show that the Conficker worm, along with a Trojan called Taterf which steals passwords and license keys for popular computer games, were detected on 5.21 million and 4.91 million Windows computers respectively. 

Taterf is notable in that it spreads only via Autorun, and of course Autorun is one of the vectors by which Conficker can spread. 

While our Cruzer Enterprise secure flash drives with onboard McAfee antivirus scanning are able to stop this kind of malware spreading via USB, it’s worth remembering that many other types of portable storage devices are also vulnerable to AutoRun malware.  This includes mp3 players, digital cameras and even digital picture frames. 

We suggest being cautious in allowing any unauthorised devices to be used on the corporate network, and ensuring that antivirus software and software patches are kept fully up to date.

Our anti-virus partner McAfee has released its Q2 Threats Report (PDF at link), and like the company’s Q1 report from earlier this year, it is sobering reading. 

The report says that spam volumes have increased by 140% since March, driven by major growth in botnet activity.  14 million new computers became parts of botnets in Q2 (that’s more than 150,000 per day), an increase of 16% over the previous quarter.

McAfee also reported growth in password-stealing Trojans, which is more proof that making money from illegal activity on the Internet is now a focus for criminal gangs.

The company also reported a surge in so-called Auto-Run malware, which exploits Windows’ Auto-Run capabilities and is most commonly spread via USB and portable devices.  As you’ll know, our Cruzer Enterprise with onboard McAfee AV can prevent the spread of malware via this vector, helping to protect corporate networks against this fast-emerging threat.

This entry in the TrustedSource blog of SanDisk’s anti-virus partner, McAfee, talks about the continued rise of malware which exploits the Windows AutoRun feature to replicate onto removable media, such as USB thumb drives

Of course, our Cruzer Enterprise flash drives with onboard McAfee antivirus scanning are able to stop this kind of malware spreading.  But the blog entry makes the worthwhile point that other types of portable storage devices are also vulnerable to AutoRun worms, not just pen drives.

mp3 players, digital cameras and even digital picture frames are vulnerable, and what’s more, are just as likely as a thumb drive to be used in multiple machines — helping to spread the worm further. 

The message is, be careful when using any USB device – and keep your antivirus software up to date.

We’ve made some key updates to our solution range, and introduced an enhanced version of our CMC management software, which we are featuring at the Infosecurity show in London from 28th – 30th April.

All of our Cruzer Enterprise models now shipping are FIPS certified, offering corporate and government IT departments a valuable tool in securing and managing data.  The drives carry FIPS (Federal Information Processing Standard) 140-2 Level 2 certification for encryption.

The Cruzer Enterprise now comes in two versions: standard, and Cruzer Enterprise with McAfee Malware Protection.  The McAfee version helps protect users from infection with an automatic anti-malware scan prohibiting file transfers to the secure USB drive when it detects infection on a host PC.

Also, CMC version 3.0 is now available, giving more tools for distributing, protecting and recovering critical data.  The CMC agent resides on a company-issued Cruzer Enterprise drive, enabling corporate IT departments to manage the entire drive lifecycle from deployment, central back-up and restore, and central usage tracking to remote termination of lost drives.

If you’re attending Infosecurity, visit us on Stand E26.