a large percentage of malware spreads through usb devices, like flash drives. Im not sure if windows 7 has fixed this- (I dont have 7) but xp is certainly vulnerable.
I came across some advice a while back, to add a small extra layer of security to your system that I found very useful and perhaps someone else will as well
here is a simple test you can perform to see how vulnerable your pc is to attacks.
hackers exploit the autorun feature in windows- im going to demonstrate this by auto executing mspaint- that terrible paint program that ships with windows.
1) what you need to do is open notepad
2) copy and paste the following text
[autorun]
action=Testing autoplay: Run paint from usbdrive
open=mspaint.exe
shell\FromFlash=Testing context: run paint from usbdrive
shell\FromFlash\command=mspaint.exe
shell=FromFlash
icon=mspaint.exe
label=Testing AutoRun Stuff
3) select file/save as
- save the file to the root directory of your flash drive
- under "save as type" select "all files"
- call the file autorun.inf
4) now go into c:\windows\system32 and scroll down till you find mspaint.exe copy that file and paste it onto your flash drive (in the same directory that you created the autorun.inf file)
what we have done is create a autorun file the will open up mspaint when you insert your flash drive.
5) eject your flash drive, and plug it back in
6) go to start/my computer, and double click your flash drive
ms paint should open.
you can also mess around with that "what would you like to do" window that opens when you insert a flash drive and see how easy it is to run paint
now imagine that was some kind of malware- as soon as you double clicked, your computer would be infected.
this is scary.
if anyone is interested there is a hack to disable this autorun
1) open notepad
paste the following text
REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\Autorun.inf]
@="@SYS
oesNotExist"
file\save as
- save the file to your desktop
- under "save as type" select "all files"
- call the file something.reg
double click on the file and it will ask you if you want to add the entry to the registry- click yes
now perform the test with your flashdrive again- when you double click mspaint should no longer start up.
NOTE: im not sure what all the implications of disabling autorun are, I have had no problems; the blogs out there dont mention any problems, but if you have something that specifically relies on autorun, you should do a little research first.
reference 1
reference 2