In association with heise online

10 February 2011, 16:30

This is the (partial) end of Windows AutoRun

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

Microsoft Logo Microsoft has released a patch via Windows Update that disables the AutoRun function, or rather modifies the AutoPlay dialogue, for USB flash drives and other mobile storage media in older versions of Windows. With this measure, the vendor wants to prevent the success of malware which tries to infect Windows systems when a USB flash drive is connected to a PC.

The patch is essentially a backported version of the changes that have already been integrated into Windows 7. Applications on writeable media, such as USB flash drives, memory cards or external hard disks, can normally only start when launched by the user, which is why the AutoPlay dialogue was given an additional option. The patch completely removes the option for starting a program from the dialogue window.

Microsoft initially introduced this change in Windows 7 after the Conficker worm displayed a bogus icon, making users believe they were clicking on a folder in the AutoPlay menu when an infected USB flash drive was connected. Instead, however, they started the worm.

Further patches were provided to protect Windows XP, Vista, Server 2003 and Server 2008. However, due to concerns by Microsoft partners who said they require the functionality for certain processes, Microsoft didn't deploy the patch on a large scale and initially only offered it via the Download Center.

According to Adam Shostack from Microsoft's Trustworthy Computing team, the Microsoft partners who required AutoRun functions have now incorporated the U3 standard into their devices. Therefore, the patch has now been made available via Windows Update – not to be confused with the Auto Update feature – and is offered as an important non-security update on the website. For users who don't like the modification, Microsoft has provided a fix-it tool that reverts the dialogue to the previous version.

The AutoRun modification does not apply to CDs and DVDs, but Microsoft says that no malware propagation via such media has been observed.


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit