Windows 7 tackles USB AutoRun security flaw
Microsoft has pulled the AutoRun feature for USB sticks from Windows 7 as a security measure. It’s a response to a tactic for spreading viruses which proved particularly successful for the Conficker virus.
The tactic took advantage of two technologies which are part of both XP and Vista. AutoPlay lets users decide which program should run when a disk or other device is inserted. It was originally designed to make it easier to play a music CD, but later extended to cover multiple functions such as opening image files automatically in an image editing program.
AutoRun allows a program on the disk or device to run automatically and is most commonly used for software installation disks. Given the potential for abuse there, many users disable AutoRun.
However, viruses such as Conficker take advantage of the fact that the list of options brought up by AutoPlay in XP and Vista includes any AutoRun options on the disk or device. These are listed first, under ‘Install or run program’, with the AutoPlay options listed below under ‘General Options’.
The creators of viruses realized they could trick users by setting the AutoRun option to be titled ‘Open folder to view files’ – the exact same wording as the AutoPlay option which always appears. With the same wording appearing twice, it’s easy to mistakenly click on the first listing, which in fact installs the virus.
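The look-alike entry described above can be checked for on a removable drive before anyone reaches the dialog. The following is an added example, not code from the article or from Microsoft: it parses the text of an `autorun.inf` file (where a device defines its AutoRun entry) and flags an `action` label that matches the built-in wording. The sample file contents and file names are constructed placeholders.

```python
import re
import unicodedata

# Label Windows itself shows in the AutoPlay dialog, as quoted in the article.
BUILTIN_LABELS = ["Open folder to view files"]
LAUNCH_KEYS = {"open", "shellexecute"}  # autorun.inf keys that start a program

def _norm(text):
    """Fold case, Unicode compatibility forms and whitespace for comparison."""
    text = unicodedata.normalize("NFKC", text).casefold()
    return re.sub(r"\s+", " ", text).strip()

def parse_autorun(inf_text):
    """Return key/value pairs from the [autorun] section (keys lower-cased)."""
    entries, in_section = {}, False
    for raw in inf_text.splitlines():
        line = raw.strip()
        if not line or line.startswith(";"):
            continue
        if line.startswith("["):
            in_section = _norm(line.strip("[]")) == "autorun"
            continue
        if in_section and "=" in line:
            key, value = line.split("=", 1)
            entries[key.strip().lower()] = value.strip()
    return entries

def check_autorun(inf_text):
    """Return findings for an autorun.inf that imitates a built-in label."""
    entries = parse_autorun(inf_text)
    findings = []
    action = entries.get("action", "")
    launches = sorted(LAUNCH_KEYS & entries.keys())
    if action and any(_norm(action) == _norm(b) for b in BUILTIN_LABELS):
        findings.append(f"action label imitates built-in option: {action!r}")
        if launches:
            findings.append("label is tied to program launch via: " + ", ".join(launches))
    return findings

# Constructed samples; the file names are placeholders.
SPOOFED = "[AutoRun]\nopen=placeholder.exe\naction=Open  Folder to view files\n"
BENIGN = "[autorun]\nopen=setup.exe\naction=Install Example Suite\nicon=setup.ico\n"

if __name__ == "__main__":
    for name, text in (("spoofed", SPOOFED), ("benign", BENIGN)):
        print(name, check_autorun(text) or "no findings")
```

The comparison is case- and whitespace-insensitive because a label only has to look the same to the user, not match byte for byte.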
Attacks using the system were virtually non-existent before the start of next year, but have gradually grown since then and are now responsible for around one in six successful virus replications.
Microsoft has announced that in Windows 7, the AutoPlay menu will only list AutoRun tasks for CDs and DVDs; for any other device, including USB sticks, the AutoRun tasks will not be listed.
The changes will also be applied to XP and Vista in future updates, though there’s no schedule yet. It appears Microsoft wants to test how effective the solution is in Windows 7 – and whether it causes too much disruption to firms which use AutoRun legitimately – before rolling it out to all Windows users.

May 4th, 2009
Due to having no auto-play, my camera is no longer recognised and I am having trouble transferring pictures to my computer! Any ideas?
October 23rd, 2009
STUPID microsoft, fuck you
October 23rd, 2009
they should make signed exe’s able to run