-
How does the Panda USB vaccination work?
I stumbled on the Panda USB and AutoRun Vaccine on the Panda Research blog and it peaked my interest because autorun-based malware is very wide-spread these days and also because I’ve written extensively about the topic. An other reason is that I don’t like black boxes and it is my opinion that all knowledge should…
-
How permissive is the Windows autorun.inf parsing?
While reading the F-Secure blogpost titled When is AUTORUN.INF really an AUTORUN.INF?, I was reminded of this masking technique – putting extra data between the relevant lines. But how tolerant is the autorun.inf parser (which I suppose in fact is the INI file parser) really? The example showed by F-Secure is quite mild, in the…
-
Autorun malware
There seems to be a lot of confusion out there about this topic, so I’ll try to provide here some high-quality technical information to help users / sysadmins out. What is autorun malware? Autorun malware is malware which uses the autorun feature present in Microsoft Windows as a way to spread itself. This might or…