It has not been possible to disable this "Autorun" feature sufficiently to prevent infection. You can imagine the "discussion" that the DoD had with the Lads from Redmond. So now there's a patch that fixes this enormous security hole - you know, the one that malware used to infect military computers.
Except it's not a security patch:
Ironically, Microsoft describes the fix as a "non-security update," and it offers this explanation: "In this case, we are communicating the availability of an update that affects your ability to perform subsequent updates, including security updates. Therefore, this advisory does not address a specific security vulnerability; rather, it addresses your overall security."Huh? Classified computers got infected. I-N-F-E-C-T-E-D. But no security fix to see here. Move along, folks.
This episode doesn't pass the sniff test. The fact that they feel the need to spin us speaks volumes about their attitude towards security.
I still don't understand why there hasn't been a massive class action lawsuit against those Redmond folks. Surely there are a few lawyers who are willing to crack away at the EULA's disclaiming responsibility and nail the Redmond folks for the countless $$$$$ that government and industry have spent cleaning up after their mess ... sigh ...
ReplyDeleteTisDone, most license agreements (EULAs) only warrant that the CD actually contains the software.
ReplyDelete