
Downadup.AL aka Conficker.B Worm

From , former About.com Guide

Downadup.AL aka Conficker.B is a network worm that spreads via autorun, dictionary attacks on weakly protected network shares, and by exploiting the vulnerabilities described in MS08-067. The worm disables services related to automatic updates, error reporting, the Windows Security Center service, and the Windows Defender service. To prevent access to protection and removal tools, the worm also blocks access to a wide range of security-themed websites.

1. Autorun Component

As is typical of modern malware in general, the Downadup worm drops a copy of itself to newly discovered drives, then creates an autorun.inf file on the root of that drive to load the copy of the dropped worm each time the drive is accessed.

To prevent the autorun spread of Downadup and other autorun worms, disable the autorun feature:

How to Disable Autorun in Windows XP
How to Disable Autorun in Windows Vista

Note: If you've already been infected with an autorun worm, you must disable the autorun feature before attempting to remove the worm; otherwise it's very likely the infection will just be reintroduced.
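To check a mounted drive for the autorun.inf mechanism described above, the following added example (not part of the original article) reads any autorun.inf at a drive root, lists the keys that would start a program, and reports whether the referenced file is present on that drive. The sample file contents and file names are constructed for illustration.

```python
import os
import re

# autorun.inf keys that make Windows start a program from the drive.
LAUNCH_KEY = re.compile(
    r"^\s*(open|shellexecute|shell\\[^=\\]+\\command)\s*=\s*(\S.*?)\s*$",
    re.IGNORECASE)

# Constructed sample: a padded autorun.inf pointing at a hypothetical dropped file.
SAMPLE = b"\x00\x07junk\r\n[AutoRun]\r\n;pad\r\nOpen = .\\hidden\\copy.exe arg\r\n"

def launch_directives(raw):
    """Return (key, command) pairs found in the raw bytes of an autorun.inf.

    Lines that are not launch keys (comments, padding, binary junk) are skipped,
    and section headers are ignored so a malformed file is still reported.
    """
    text = raw.decode("latin-1")  # maps every byte, so decoding never fails
    pairs = []
    for line in text.splitlines():
        match = LAUNCH_KEY.match(line)
        if match:
            pairs.append((match.group(1).lower(), match.group(2)))
    return pairs

def target_of(command):
    """First path in a command line: the quoted string, else the first token."""
    if command.startswith('"'):
        return command[1:].split('"', 1)[0]
    return command.split()[0]

def audit_drive(root):
    """List what an autorun.inf in `root` would launch and whether it is there."""
    findings = []
    for name in os.listdir(root):
        if name.lower() != "autorun.inf":  # the file name is case-insensitive
            continue
        with open(os.path.join(root, name), "rb") as handle:
            raw = handle.read()
        for key, command in launch_directives(raw):
            parts = [p for p in re.split(r"[\\/]+", target_of(command))
                     if p not in ("", ".")]
            findings.append({"key": key, "command": command,
                             "on_drive": os.path.isfile(os.path.join(root, *parts))})
    return findings

if __name__ == "__main__":
    import sys
    print(launch_directives(SAMPLE))
    for drive in sys.argv[1:]:  # e.g. the mount point of a USB stick
        print(drive, audit_drive(drive))
```

A finding with `on_drive` set to true means the drive carries both the launch entry and the file it points to, so the drive should be cleaned with autorun disabled on the machine doing the cleaning.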

2. Dictionary-Style Attacks

The Downadup.AL aka Conficker.B worm comes with a built-in list of commonly used usernames and passwords. It uses this list to guess the credentials on weakly protected shares. A full list of the guessed credentials can be found in the F-Secure Downadup.AL description.

Use a strong password system to prevent worms like Downadup from easily breaking into weakly protected network shares.

How to Create a Strong Password System
How to Keep Your Passwords Safe

3. Microsoft Security Vulnerability (MS08-067)

The Downadup.AL aka Conficker.B worm exploits vulnerabilities in RPC handling in the Computer Browser service (which has absolutely nothing to do with your Internet browser) and the Server service (which has absolutely nothing to do with real servers). Both the Computer Browser service and the Server service are non-essential services for the vast majority of home users. Indeed, unless your system is part of an enterprise network, chances are you don't need these services at all.

If you're a home user or not on a network, disable the Computer Browser service and the Server service. The MS08-067 advisory also provides a patch to protect against these flaws. For further details see: MS08-067: Retro-Style Threat Services Windows, Again

©2012 About.com. All rights reserved.
