Redmond Reins in AutoRun, AutoPlay to Help Make Windows More Secure
Redmond Reins in AutoRun, AutoPlay to Help Make Windows More Secure
Posted 05/01/2009 at 4:04pm
| by Mark Edward Soper
9
Comments
Print
AutoRun and AutoPlay, Microsoft's "dangerous duo" for launching programs from CD/DVD and other removable media types, have become among malware authors' favorite infection vectors - and Microsoft has finally said, "enough already!"
A research study by Forefront Client Security cited by the Engineering Windows 7 blog determined that infections that can be started with AutoRun amounted to 17.7% of detected infections in the second half of 2008.
Although AutoRun was originally designed strictly for optical media, it can be used for other types of media. For example, you can create an autorun.inf file that adds the program on the media to the AutoPlay menu Windows displays, and change the default icon to make the malware program mimic a legitimate program. Conficker used this method to spread, as illustrated here.
Starting in Windows 7 RC, Microsoft has changed how both AutoRun and AutoPlay work:
- AutoPlay no longer supports AutoRun on non-optical removable media. An autorun.inf file on a USB or other type of non-optical removable media will be disregarded. Only AutoPlay options that pertain to the types of files on the media will be listed.
- When AutoPlay displays programs present on the media, the dialog now states that those programs will be run from the media.
Microsoft's Security Research and Defense blog provides sample dialogs and more details of how these changes work. The best news? Microsoft is planning to extend these security improvements to Windows Vista and XP users as well.
Are there any downsides? For a vigorous discussion of programs and devices that might not work after this change, see the comment thread at the Engineering Windows 7 blog. To start a MaximumPC-style discussion, you know what to do: click Comment and sound off!
More like this
favori (not verified)
June 15, 2009 at 3:25am
www.favoriforum.net 2009 seo yarışması www.favoriforum.net 2009 seo yarışması www.favoriforum.net 2009 seo yarışması www.favoriforum.net 2009 seo yarışması www.favoriforum.net 2009 seo yarışması www.favoriforum.net 2009 seo yarışması www.favoriforum.net 2009 seo yarışması www.favoriforum.net 2009 seo yarışması
Shalbatana
May 02, 2009 at 8:38pm
Thanks a ton virus making jerkwads! Another [usually] great feature ruined by your handiwork.
_______________________________
"There's no time like the future."
MeTo
May 02, 2009 at 5:31am
One small step in the right direction. Autoplay,Autorun was for lazy people and malware authors' favorite infection vectors. Nothing should Auto launch or install without giveing permision. IMHO
Linux Mint,AMD Athlon+ x2 5600,3 Gig ram,500 Gig HDD,ATI 1300 Video.
GrimResistance
May 01, 2009 at 11:23pm
Can you still assign a custom icon with autorun.inf? Or is there another way to do it?
dgourd
May 01, 2009 at 6:04pm
Even though this is a huge bonus toward protecting ourselves from USB drives, you can still partition part of a USB drives into a CDFS format. I do it on my U3 device. This makes windows thinks the CDFS partition is an optical drive. Its not perfect, but it helps alot.
dcdannyf
May 01, 2009 at 4:13pm
That's sad, especially when there is a worm virus. Also, starting to not support the autorun.inf file sucks a lot! It won't open the AutoPlay window up!!!! Big Danny :))
Connect with MaximumPC
Featured Content
We introduce Intel's latest class of tablet killers and review 4 of the first Ultra...
Where have all the memorable videogame enemies gone?
This month's issue
Feature
11 Hardware Hacks
Feature
Overclock Your CPU
How-To
Supercharge Your Smartphone
Build It
A Powerful $830 Rig
Most Commented Articles
Latest Max PC Tweets
- maximumpc: Analysts: 9-Inch Kindle Fire This Summer http://t.co/QDYApwCZ2 hours 47 min ago
- maximumpc: Micron: DRAM Prices Likely as Low as They're Going to Get http://t.co/fFUWuFOm5 hours 44 min ago
- maximumpc: Yar, Mateys! All Of Pirate Bay Made Available As A Single 90MB Zip File http://t.co/j5LHlXEZ6 hours 58 min ago
