Windows 7 AutoRun Changes

Microsoft are making a number of advancements with Windows 7 (see Safe Unlinking) and there’s another change being made-this time to the AutoRun feature.

More and more malware is using the Autorun feature as a way of getting itself onto machines, the most high profile being Conficker; so MS have moved to prevent this in their latest Operating System.

What is AutoRun?

AutoRun is a technology used to start some programs automatically when a CD or another media is inserted into a computer. The main purpose of AutoRun is to provide a software response to hardware actions that a user starts on a computer (from MS Security Research & Defense Blog).

What are MS doing?

The Microsoft engineers have made changes in Windows 7 to help prevent the spread of Malware:

1) AutoPlay will still work for CD/DVDs but it will no longer work for USB drives. For example, if an infected USB drive is inserted on a machine then the AutoRun task will not be displayed. The dialogs below highlight the difference that users will see after this change. Before the change, the malware is leveraging AutoRun (box in red) to confuse the user. After the change, AutoRun will no longer work, so the AutoPlay options are safe.

AutoRun1autorun2

This, and other changes, can already be seen in the Windows 7 RC  that is available for download now. Microsoft also plan on making these changes available for XP & Vista users. You can see full details over at the MS Security Research & Defense Blog.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s