Glenn9999
Posted January 24, 2009

I just ran across this page, posted January 21, 2009, and thought it might be interesting reading.

http://www.us-cert.gov/cas/techalerts/TA09-020A.html

Overview

Disabling AutoRun on Microsoft Windows systems can help prevent the spread of malicious code. However, Microsoft's guidelines for disabling AutoRun are not fully effective, which could be considered a vulnerability.

CharlotteTheHarlot
Posted January 24, 2009

> I just ran across this page, posted January 21, 2009 and thought it might be interesting reading.

Excellent links, thanks. That last article in the references, "Social Engineering Autoplay and Windows 7", perfectly illustrates with pictures the mile-wide hole that still exists in Windows to this day! If Windows 7 ships like this it can only lead to more criticism, very accurately stating that Windows Vista and 7 are mere fluff piled onto a ridiculously insecure code base. No more garbage about Vista and 7 being rebuilt from the ground up. Autorun came to us with Win95 gold way back in mid-1995. The damage that has entered millions of computers through this path is incalculable. And to really look at its origins, one must simply remember Autoexec.bat on floppies in drives during bootup, which at least dates to DOS 2.

Still, there is one thing that is ignored in those articles about these registry patches to disable Autorun/Autoplay. If it is turned off by toggling a few characters in the registry, it can also be simply restored. Microsoft should remove it at a low level by patching WFP protected system files and removing any trace of the functions. At the very least code should be blocked from executing on removable drives, perhaps even on network drives on all except clearly designated network client systems. Such a change should be implemented at a very low level which is not easy to reverse.

James_A
Posted January 26, 2009

More information in http://www.msfn.org/board/index.php?showtopic=128880.