
Microsoft rethinks AutoPlay to counter growing threat of malware

by Parm Mann on 30 April 2009, 15:58

Tags: Windows Vista, Windows 7, Windows XP, Microsoft (NASDAQ:MSFT)


Microsoft has revealed plans to improve the security of its Windows operating systems by adjusting the AutoRun functionality first introduced in Windows 95 and later expanded via AutoPlay in Windows XP.

According to the software giant, malware such as the Conficker worm is known to utilise the AutoRun feature in an effort to mislead users into activating Trojan Horses. Despite the long-running availability of AutoRun, Microsoft states that a study from Forefront Client Security found 17.7 per cent of all malware infections in the second half of 2008 came as a result of AutoRun misuse.

With AutoRun misuse the largest single cause of malware infections, Microsoft is now working to rectify the apparent flaw. So, how will it go about it?

At present, users making use of removable media such as USB flash drives are presented with an AutoPlay menu that looks a little something like this:

Microsoft's problem, and indeed the user's, is that hidden malware can be easily disguised to trick users into running harmful applications. In the above example, the link highlighted in red would launch the program and potentially infect a system whilst the link highlighted in green would merely run a Windows task.

It's an easy method of misleading users, and Microsoft's solution is to cease to display the AutoRun task for every device other than removable optical media. Following the change - which is already implemented into the Release Candidate of Windows 7 - users will no longer be provided with an AutoRun option in the AutoPlay menu, as shown below.

Whilst an obvious and easy solution, it could create problems for flash media that legitimately utilises the AutoRun functionality. Microsoft states it is "working with ecosystem partners to help mitigate situations where this AutoRun change will have an impact on them". Meanwhile, optical media such as non-writable CDs and DVDs will continue to allow the option to AutoRun.

The change in functionality is expected to appear in next week's Windows 7 Release Candidate, and will be implemented into Windows XP and Windows Vista via future software updates.
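
The AutoPlay behaviour described above can be checked from the defender's side. The following is an added example, not part of the original article or any Microsoft code: it audits the `autorun.inf` file that supplies a drive's AutoRun task, reports whether AutoPlay would offer that task before and after the change, and flags task text that imitates a built-in Windows entry. The `open`, `shellexecute` and `action` keys are real `autorun.inf` keys; the phrase list, drive-kind labels, function names and sample file are assumptions constructed for this example.

```python
"""Audit an autorun.inf the way a defender would before trusting removable media."""

OPTICAL, REMOVABLE = "optical", "removable"   # drive kinds (labels are this example's own)

# Assumed phrase list: task text that imitates a built-in AutoPlay entry.
LOOKALIKE_PHRASES = ("open folder to view files", "view files", "explorer")

# Constructed sample, not taken from any real drive.
SAMPLE = """\
; constructed padding line
[AutoRun]
Action=Open folder to view files
Open=example.exe
"""

def parse_autorun(text):
    """Return the [autorun] keys, lower-cased; skip comments and junk lines."""
    section, keys = None, {}
    for raw in text.splitlines():
        line = raw.strip()
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1].strip().lower()
        elif section == "autorun" and "=" in line and not line.startswith(";"):
            key, _, value = line.partition("=")
            keys[key.strip().lower()] = value.strip()
    return keys

def task_offered(drive_kind, hardened):
    """After the change, only optical media get an AutoRun task in AutoPlay."""
    return drive_kind == OPTICAL or not hardened

def audit(text, drive_kind, hardened=True):
    """Return finding codes for one autorun.inf on one kind of drive."""
    keys = parse_autorun(text)
    if not (keys.get("open") or keys.get("shellexecute")):
        return []                                   # nothing would be launched
    findings = ["task-offered" if task_offered(drive_kind, hardened)
                else "task-suppressed"]
    action = keys.get("action", "").lower()
    if any(phrase in action for phrase in LOOKALIKE_PHRASES):
        findings.append("lookalike-action")         # text mimics a Windows task
    return findings

if __name__ == "__main__":
    for kind, hardened in ((REMOVABLE, False), (REMOVABLE, True), (OPTICAL, True)):
        print(kind, "hardened" if hardened else "legacy", audit(SAMPLE, kind, hardened))
```

A `lookalike-action` finding on a flash drive is worth investigating even when the task is suppressed, since the same drive may later be plugged into a machine that has not received the update.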



HEXUS Forums :: 12 Comments

Autorun was introduced in Win95 wasn't it? And then needlessly complicated in XP.
How about only letting signed apps autorun?
Bad idea - you wouldn't believe how reliant users are on Autorun - our customers would probably log a support call if the DVD menu failed to show up because it's not signed (I don't even want to imagine the fun of getting every build signed too)
HEXUS
AutoRun to become limited to non-removable optical media, says Microsoft..
Can someone give me an example of a non-removable optical media?
I don't even use autoplay - disable it as soon as I install a new OS. Possibly my problem with it stems from it slowing down my previous computer - everything just sort of froze for a few seconds and I couldn't do anything; plus if I plug in a portable HDD, it tries to search through the whole disk to find the stupid autorun file, which of course doesn't even exist. Yes I could only autorun for DVDs, but it's just easier to do without, plus then I know what's going on.