Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: Microsoft is turning off Auto-Run! - SANS Internet Storm Center SANS ISC InfoSec Forums


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Microsoft is turning off Auto-Run!

Well, kinda.

Yesterday morning Microsoft through their MSRC announced that they were going to further protection of Windows customers by disabling the Auto-Run "feature" in Windows for everything *except* optical media.  (Because CD-ROM's can't be written to, according to them.  I see nothing about CD-R and CD-RW specifically.)

I feel this is a good idea.  There have always been virus/malware that liked to attach itself to things like thumbdrives and removable media like diskettes.  (Does anyone use those anymore? ;)  All the Windows environments that I've ever functioned in my whole career have always had Auto-Run disabled, so this is just good security practice by now.

For more details check out Microsoft's articles on the subject here and here.

Thanks to the reader who wrote in about this.

-- Joel Esler | http://www.joelesler.net | http://twitter.com/joelesler

Joel

454 Posts
ISC Handler
yey, one killer move for MS
Anonymous
I have this saved as \"ReallyDisableAutoRun.reg\"
REGEDIT4
[HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\IniFileMapping\\Autorun.inf]
@=\"@SYS:DoesNotExist\"
Anonymous
Don't you mean "All the Windows environments that I've ever functioned in my whole career have always [thought they] had Auto-Run disabled [but microsoft kept finding new ways to turn it back on]"? Let's see if it stays off this time, or if we have to resort to garlic and wooden stakes.
Anonymous

Sign Up for Free or Log In to start participating in the conversation!