Slashdot Mirror


Microsoft Kills AutoRun In Windows

aesoteric writes "Microsoft has finally decided to push out an update to disable AutoRun in its XP operating system, a Windows feature that had been increasingly exploited by virus writers over the years. But because Microsoft still sees AutoRun as a feature and not a security hole, it isn't calling its Windows Update a "security update" but rather an "Important, non-security update" — but it effectively disables the AutoRun feature anyway."

8 of 340 comments

  1. Re:Should have never been there. by haruchai · · Score: 5, Insightful

    You've never worked a helpdesk, have you?

    --
    Pain is merely failure leaving the body
  2. Re:Option? by BradleyUffner · · Score: 5, Informative

    Would be nice to have the option to enable/disable the feature..

    It has been an option for as long as I can remember. It used to be one of the first things I turned off after a new install, right after I turned on the display of File Extensions.

  3. Knowledge Base references by Anonymous Coward · · Score: 5, Informative

    This is an update to KB967940, regarding the patch offered in KB971029 going to automatic updates.

    I had to look up the numbers, so I thought I'd just share, and save anyone else the trouble.

    1. Re:Knowledge Base references by initialE · · Score: 5, Informative

      Hate to reply to myself, but this http://blogs.technet.com/b/mmpc/archive/2011/02/08/breaking-up-the-romance-between-malware-and-autorun.aspx needs a read too. It plots the relationship between autorun and malware. Interesting how Microsoft still considers this a "non-security related update", as autorun has been an easy vector with which to poison your Windows installation. Important to note that autorun will still work as expected on CD and DVD media, meaning Sony Rootkits are still going to be installed on your computer.

      --
      Starbucks, Harbuckle of Breath.
  4. Re:not the same thing this is just taking away a by Anonymous Coward · · Score: 5, Informative

    Whoosh.

  5. AutoRun was always broken by scdeimos · · Score: 5, Insightful

    Given that PKI (Public Key Infrastructure) has been around longer than Internet Explorer, I could never understand why autorun.inf files weren't signed. Didn't Microsoft learn from all the problems induced by autorun-like behaviours on Amiga and Macintosh?

    Up until about MacOS 8 (I think) the Finder used to automatically execute .CODE resources in files on disk/HDD/CD whenever a new disc came online which is how most Mac viruses got propagated.

    1. Re:AutoRun was always broken by Anonymous Coward · · Score: 5, Interesting

      As the inventor of AutoRun (Microsoft even contacted me for prior art when they were sued over it) it saddens me to have it killed off like this.

      The original autorunner on the Amiga had a UI element to easily toggle it on/off for a drive, which is about as secure as trusting users not to just click on spyware.exe anyway. You can't protect users from running spyware if they are careless, but you can make it easy for them to control the behavior. Instead Microsoft buried the controls and made it next to impossible to turn off for a particular disk... I think you could disable it by holding shift, or alt, or control, or something. Nobody can remember that and there's no indication that it's working.

      Back in the days of swapping actual disks because there was no HD or it was tiny, autorun was an awesome tool, and it's still a nice convenience for users to install drivers, etc. It didn't need to be such a security problem like it was on Windows.

  6. Re:Should have never been there. by LordNimon · · Score: 5, Insightful

    Betty Crocker has a FAQ on all the ways you can screw up cooking Hamburger Helper. Would you say the people who need the help have no business eating?

    No, I would say they have no business cooking.

    --
    And the men who hold high places must be the ones who start
    To mold a new reality... closer to the heart