Glenn9999 Posted January 24, 2009

I just ran across this page, posted January 21, 2009 and thought it might be interesting reading.

http://www.us-cert.gov/cas/techalerts/TA09-020A.html

Overview

Disabling AutoRun on Microsoft Windows systems can help prevent the spread of malicious code. However, Microsoft's guidelines for disabling AutoRun are not fully effective, which could be considered a vulnerability.

CharlotteTheHarlot Posted January 24, 2009

> I just ran across this page, posted January 21, 2009 and thought it might be interesting reading.

Excellent links, thanks. That last article in the references, "Social Engineering Autoplay and Windows 7", perfectly illustrates with pictures the mile-wide hole that still exists in Windows to this day! If Windows 7 ships like this it can only lead to more criticism, very accurately stating that Windows Vista and 7 are mere fluff piled onto a ridiculously insecure code base. No more garbage about Vista and 7 being rebuilt from the ground up. Autorun came to us with Win95 gold way back in mid-1995. The damage that has entered millions of computers through this path is incalculable. And to really look at its origins, one must simply remember Autoexec.bat on floppies in drives during bootup, which at least dates to DOS 2.

Still, there is one thing that is ignored in those articles about these registry patches to disable Autorun/Autoplay. If it is turned off from toggling a few characters in the registry, it can also be simply restored. Microsoft should remove it at a low level by patching WFP protected system files and removing any trace of the functions. At the very least code should be blocked from executing on removable drives, perhaps even on network drives on all except clearly designated network client systems. Such a change should be implemented at a very low level which is not easy to reverse.

James_A Posted January 26, 2009

More information in http://www.msfn.org/board/index.php?showtopic=128880.