Microsoft Windows Autorun Updates Restricts Functionality - gHacks Tech News

Microsoft Windows Autorun Updates Restricts Functionality

One of the updates of yesterday's patch day slipped through my grasps, mainly because I'm running Windows 7 and the update was not for that operating system. Ghacks reader Ilev let me know about it in the comments of my patch day overview guide Microsoft Security Bulletin Overview February 2011.

Autorun has been a problematic feature for some time in a security context as it provides the means to automatically run files on removable drives, network shares, optical discs and other media if an autorun.inf file is present.

The update for Windows Autorun has been available for some time. To be precise, it was first released on February 24 by Microsoft and originally made available on the company's Download Center.

Yesterday changed that by offering the update through Windows Update as well which means that most users received the update automatically.

autoplay

Affected are all Microsoft operating systems pre-Windows 7, including Windows XP, Windows Vista and the server operating systems Windows Server 2003 and 2008. Windows 7 is not affected as it already has the restriction in place.

The update restricts AutoPlay functionality to "CD and DVD media". This protects customers "from attack vectors that involve the execution of arbitrary code by Autorun when inserting a USB flash drive, network shares, or other non-CD and non-DVD media containing a file system with an Autorun.inf file".

It basically blocks AutoPlay on all devices and media except CD and DVD media even if they contain an autorun.inf file. The only information that is accepted from autorun files is label and icon, any other keys, e.g. action which links to a file, are ignored.

Customers may experience several issues after applying the update, including:

  • Many existing devices in the market, and many upcoming devices, use the Autorun feature with the AutoPlay dialog box to present and install software when DVDs, CDs, and USB flash drives are inserted. The AutoPlay behavior with CD and DVD media is not affected by this update.
  • Users who install this update will no longer receive a setup message that prompts them to install programs that are delivered by USB flash drives. Users will have to manually install the software. To do this, users click Open folder to view the files, browse to the software's setup program, and then double-click the setup program to run the program manually.
  • Some USB flash drives have firmware that present these USB flash drives as CD drives when you insert them into computers. The AutoPlay behavior with these USB flash drives is not affected by this update.

The update is only offered if it has not already been installed on the system. Additional information about the update are available at Microsoft's Security Advisory and the blog post Deeper insight into the Security Advisory 967940 update by Adam Shostack.

Summary
Microsoft Windows Autorun Updates Restricts Functionality
Article Name
Microsoft Windows Autorun Updates Restricts Functionality
Description
Microsoft pushed out a patch on Windows Update that restricts autorun functionality on pre-Windows 7 devices to improve security.
Author
Publisher
Ghacks Technology News
Logo




  • We need your help

    Advertising revenue is falling fast across the Internet, and independently-run sites like Ghacks are hit hardest by it. The advertising model in its current form is coming to an end, and we have to find other ways to continue operating this site.

    We are committed to keeping our content free and independent, which means no paywalls, no sponsored posts, no annoying ad formats (video ads) or subscription fees.

    If you like our content, and would like to help, please consider making a contribution:

    Comments

    1. TRY said on February 9, 2011 at 11:28 pm
      Reply

      Instead of this update, we could install Panda USB vaccine,USB Guardian,etc. or tweak registry to disable autorun.

    2. Mystique said on February 10, 2011 at 1:20 am
      Reply

      Autorun eater would be a good choice too instead of this Microsoft patch.

    3. Ronen said on February 10, 2011 at 3:51 am
      Reply

      M$ is taking the steps of Apple, deciding for the users how to run their computers, and all in the name of security ? So once again, the user is stupid, we know better…

      1. Dan said on February 10, 2011 at 3:58 pm
        Reply

        Are you right in the head Ronen? Disabling Autorun means users can have greater control of their computer since it won’t automatically run programs when you insert a USB. Using your kindergarten logic, *nix should give all users root privileges. Wow!

    4. Marc said on February 13, 2011 at 7:16 pm
      Reply

      The change to how Autorun works was first made available in Feb. 2009.
      Also, it is NOT automatically installed. While, yes, it is available in
      Windows/Microsoft update, it is an optional patch.
      And, since it is only a partial disabling of autorun, why bother?
      A full total disabling of autorun on ALL devices can be done with a simple
      registry patch. See

      http://blogs.computerworld.com/the_best_way_to_disable_autorun_to_be_protected_from_infected_usb_flash_drives

    Leave a Reply