MSRC: AutoRun a Security Risk for Windows 7, Default Behavior of AutoPlay Modified
Article by George Norman
On 29 Apr 2009
MSRC (Microsoft Security Response Center) has announced that, because the online threat landscape is constantly changing and evolving, it will implement a security change in the next iteration of the Windows operating system, namely Windows 7. The change concerns how the default behavior of AutoPlay enables AutoRun for all kinds of removable media.

“Today, we’re announcing modifications in Windows that adapts to recent changes in the threat environment. Specifically, we’re announcing changes to the behavior in AutoPlay so that it will no longer enable an AutoRun task for devices that are not removable optical media (CD/DVD.). However, the AutoRun task will still be enabled for media like CD-ROM. The reason we’re making this change is that we’ve seen an increase, since the start of 2009, in malicious software abusing the current default AutoRun settings to propagate through removable media like USB devices. The best known malicious software abusing AutoRun is Conficker, but it’s not alone in that regard: there is other malicious software that abuses this feature,” explained the Microsoft Security Response Center.


It is important not to confuse AutoPlay with AutoRun. AutoRun is the feature that automatically starts programs when you insert a CD, DVD or other media storage device; it is the software's way of responding to hardware actions. AutoPlay, on the other hand, is a Windows-specific feature that lets you choose which program will start when you insert a CD/DVD or connect a media storage device, for example when you choose Media Player to launch automatically when you insert a music CD. With the change that MSRC announced for Windows 7, AutoPlay will no longer support the AutoRun functionality for non-optical removable media (in layman's terms, AutoPlay will offer AutoRun for CDs/DVDs but not for USB devices).

MSRC again: “Because we’ve seen such a marked increase in malicious software abusing AutoRun to propagate, we’ve decided that it makes sense to adjust the balance between security and usability around removable media. We’ve tried to be very measured in this adjustment to maximize both customer convenience and protection. Since non-writable media such as CD-ROMs generally aren’t avenues for malicious software propagation (because they’re not writable) we felt it made sense to keep the current behavior around AutoPlay for these devices and make this change only for generic mass storage class devices.”

This security change will be implemented in the upcoming Windows 7 Release Candidate, which will shortly be released to the public (details here).
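To make the AutoRun/AutoPlay distinction concrete, the following is an added example (not code from MSRC or from this article) that audits an `autorun.inf` file and applies the Windows 7 default described above. The function names, the drive-type labels `"cdrom"` and `"removable"`, and the sample file are assumptions made for illustration; `open`, `shellexecute` and `shell\<verb>\command` are standard `autorun.inf` keys.

```python
import re

# [autorun] keys that name a program to start (standard autorun.inf keys).
EXEC_KEYS = re.compile(r"^(open|shellexecute|shell\\[^\\]+\\command)$")

def parse_autorun(text):
    """Tolerant parser: {key: value} for the [autorun] section only.
    Comments and lines that are not key=value are skipped."""
    entries, in_section = {}, False
    for raw in text.splitlines():
        line = raw.strip()
        if line.startswith("[") and line.endswith("]"):
            in_section = line[1:-1].strip().lower() == "autorun"
            continue
        if not in_section or line.startswith(";") or "=" not in line:
            continue
        key, value = line.split("=", 1)
        entries[key.strip().lower()] = value.strip()
    return entries

def exec_entries(entries):
    """Entries that would launch a program if the AutoRun task were taken."""
    return {k: v for k, v in entries.items() if EXEC_KEYS.match(k)}

def autorun_task_offered(drive_type):
    """Windows 7 default per the MSRC announcement: optical media only.
    Drive-type labels are this example's own (assumption)."""
    return drive_type == "cdrom"

def audit(drive_type, text):
    """Classify a volume: no launch entries, offered, or suppressed."""
    if not exec_entries(parse_autorun(text)):
        return "clean"
    return "autorun-offered" if autorun_task_offered(drive_type) else "autorun-suppressed"

# Constructed sample file, for illustration only.
SAMPLE = """\
; constructed sample
[AutoRun]
label=Demo volume
icon=demo.ico
ShellExecute = setup.exe /quiet
shell\\explore\\command=setup.exe
[Other]
open=ignored.exe
"""

if __name__ == "__main__":
    for drive in ("cdrom", "removable"):
        print(drive, audit(drive, SAMPLE), sorted(exec_entries(parse_autorun(SAMPLE))))
```

A result of `autorun-suppressed` on a USB volume still means the file names a program, so the volume is worth inspecting even though Windows 7 will not offer to run it.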

Tags: Microsoft, MSRC, Microsoft Security Response Center, Windows 7, AutoRun, Autoplay
About the author: George Norman
George is a news editor.