Requires Free Membership to View
SearchSecurity.com members gain immediate and unlimited access to breaking industry news, virus alerts, new hacker threats, highly focused security newsletters, and more -- all at no cost. Join me on SearchSecurity.com today!
Michael S. Mimoso, Editorial Director
Security is always a compromise between functionality and protection. While technically it is correct to say that if a file is copied over from an USB drive to a PC drive it should be inspected by the real-time virus scanner, this does not take into account the fact that these USD drives can be used as another drive, and infected programs can be executed from them.
It is the same situation as a ZIP, Jazz, floppy diskette, CD or any other removable media -- all can carry infected files, and these infected files should be inspected by the virus scanner. It is not uncommon for new media to be ignored by the virus scanners for a while -- they might require a tweaking to the detection scheme (usually not dependent upon the file-handling system that Explorer will use.)
Turning off the USB ports on sensitive machines is the same as removing the CD drives and floppy drives -- judge the risk and act appropriately.
For more information on this topic, visit these other SearchSecurity.com resources:
Virus Prevention Tip: USB: The new virus infection pathway
Tech Tip: Key chain data thieves
Best Web Links: Malware
This was first published in November 2002