Quantcast

Don't have an account? Register Now! Forgot password?

Related Articles
Maximum IT
SEE MORE MAXIMUM IT
News

Redmond Reins in AutoRun, AutoPlay to Help Make Windows More Secure

Posted 05/01/09 at 07:04:35 PM  by Mark Edward Soper

comment Commentsprint Printemail EmailDeliciousDiggStumbleUponRedditFacebookSlashdot

Microsoft makes AutoRun, AutoPlay more secure, starting with Windows 7 RC

AutoRun and AutoPlay, Microsoft's "dangerous duo" for launching programs from CD/DVD and other removable media types, have become among malware authors' favorite infection vectors - and Microsoft has finally said, "enough already!"

A research study by Forefront Client Security cited by the Engineering Windows 7 blog determined that infections that can be started with AutoRun amounted to 17.7% of detected infections in the second half of 2008.

Although AutoRun was originally designed strictly for optical media, it can be used for other types of media. For example, you can create an autorun.inf file that adds the program on the media to the AutoPlay menu Windows displays, and change the default icon to make the malware program mimic a legitimate program. Conficker used this method to spread, as illustrated here.

Starting in Windows 7 RC, Microsoft has changed how both AutoRun and AutoPlay work:

  1. AutoPlay no longer supports AutoRun on non-optical removable media. An autorun.inf file on a USB or other type of non-optical removable media will be disregarded. Only AutoPlay options that pertain to the types of files on the media will be listed.
  2. When AutoPlay displays programs present on the media, the dialog now states that those programs will be run from the media.

Microsoft's Security Research and Defense blog provides sample dialogs and more details of how these changes work. The best news? Microsoft is planning to extend these security improvements to Windows Vista and XP users as well.

Are there any downsides? For a vigorous discussion of programs and devices that might not work after this change, see the comment thread at the Engineering Windows 7 blog. To start a MaximumPC-style discussion, you know what to do: click Comment and sound off! 

COMMENTS:10
TAGS: microsoft, operating system, Software, Security, windows xp, malware, AutoPlay, Windows Vista, OS, exploit, worm, windows 7, Conficker, AutoRun
COMMENTS
avatarregülatör hizmetlerini

Submitted by amacdizayn on Thu, 09/03/2009 - 3:37pm

regülatör hizmetlerini size kalitemizle sunuyoruz.
vaillant hizmetlerini size kalitemizle sunuyoruz.
kombi hizmetlerini size kalitemizle sunuyoruz.
modül basımı hizmetlerini size kalitemizle sunuyoruz.

Login or register to post comments
avatarthanks

Submitted by favori (not verified) on Mon, 06/15/2009 - 3:25am

www.favoriforum.net 2009 seo yarışması www.favoriforum.net 2009 seo yarışması www.favoriforum.net 2009 seo yarışması www.favoriforum.net 2009 seo yarışması www.favoriforum.net 2009 seo yarışması www.favoriforum.net 2009 seo yarışması www.favoriforum.net 2009 seo yarışması www.favoriforum.net 2009 seo yarışması

Login or register to post comments
avatarthanxx ilaçlama haşere

Submitted by seo (not verified) on Mon, 06/01/2009 - 2:43am

thanxx
ilaçlama haşere ilaçlama istanbul ilaçlama kene ilaçlama bit ilaçlama fare ilaçlama
pire | fare | güve | akrep | çiyan | seo | kene | ilaçlama

Login or register to post comments
avatarThanks a ton virus making

Submitted by Shalbatana on Sat, 05/02/2009 - 8:38pm

Thanks a ton virus making jerkwads! Another [usually] great feature ruined by your handiwork.

 

_______________________________

"There's no time like the future."

Login or register to post comments
avatarOne small step

Submitted by MeTo on Sat, 05/02/2009 - 5:31am

One small step in the right direction. Autoplay,Autorun was for lazy people and malware authors' favorite infection vectors. Nothing should Auto launch or install without giveing permision. IMHO

Linux Mint,AMD Athlon+ x2 5600,3 Gig ram,500 Gig HDD,ATI 1300 Video.

Login or register to post comments
avatarCustom Icon

Submitted by GrimResistance on Fri, 05/01/2009 - 11:23pm

Can you still assign a custom icon with autorun.inf? Or is there another way to do it?

Login or register to post comments
avatarPlease tell me this won't

Submitted by yogurt80 on Fri, 05/01/2009 - 8:37pm

Please tell me this won't effect virtual drives?  Like daemon Tools?

Login or register to post comments
avatarEven though this is a huge

Submitted by dgourd on Fri, 05/01/2009 - 6:04pm

Even though this is a huge bonus toward protecting ourselves from USB drives, you can still partition part of a USB drives into a CDFS format.  I do it on my U3 device.  This makes windows thinks the CDFS partition is an optical drive.  Its not perfect, but it helps alot.

Login or register to post comments
avatarThank you Microsoft!

Submitted by Looksback on Fri, 05/01/2009 - 5:02pm

Also, stop hiding file name extensions by default.  Bad practice!

Login or register to post comments
avatarSucks!

Submitted by dcdannyf on Fri, 05/01/2009 - 4:13pm

That's sad, especially when there is a worm virus. Also, starting to not support the autorun.inf file sucks a lot! It won't open the AutoPlay window up!!!! Big Danny :))

Login or register to post comments

This Month's Issue
Maximum PC
SUBSCRIBE NOW
AND SAVE!
FEATURE How to Get FREE Programs, Services, Software & MoreFEATURE Digital Photo Printer RoundupHOW TOBuild a 3D CameraFEATUREDIY Arcade PCWHITE PAPERHow TRIM Works