Windows 7's New Autoplay Helps Stop Malware
All throughout April, the Conficker worm was one of the top things on the mind of those thinking about PC security.
While Conficker so far hasn’t caused any sort of PC outbreak, it does draw attention to the spread of malware across Windows machines. Like all malware, however, it requires actual user consent (or at least some form of action) for it to infect a system.
Windows 7 aims to protect users better by making a small change that should take away one way that malware sneaks onto Windows XP and Windows Vista – taking away AutoPlay options for removable non-optical media.
“While presenting an AutoRun task in AutoPlay has been available since Windows XP, we have seen a marked increase in the amount of malware that is using AutoRun as a potential method of propagation,” explained Arik Cohen, a program manager on the Core User Experience team. “According to the Security Intelligence Report, an enterprise study by Forefront Client Security found that the category of malware that can propagate via AutoRun accounted for 17.7% of infections in the second half of 2008 – the largest single category of malware infections.”
In Windows 7, freshly inserted USB drives, SD cards and other media (but not CD or DVD) will no longer have the “Install or run program” option available in AutoPlay.
It may seem like a small change, but after seeing the image below, we can see how easy it would be to accidentally click the wrong action.
- HP's New Line of Catchy Pro Notebooks
- World's Most Durable SSD; Only 436lbs
- QOTD: Do You Want Questions From Readers?
- Firefox 3.5 Beta 4 Lets You Browse Privately
- GE's Holographic Storage to Yield 500 GB Discs
- Dell's All-in-One Hits U.S. at $699
- What $10 PC? India Goes OLPC
- IBM's Supercomputer to Compete on Jeopardy!
- Former IBMer Finally Starts Work at Apple
- Say Goodbye to 16:10 Notebook Displays
- Microsoft: Pirated Windows 7 Will Still Get Updates
- Microsoft Responds to EU Antitrust Case
- Google Says It's Not the Pirate Bay
- Windows Vista SP2 Hits Release to Manufacturing
- iBuyPower Intros LAN Warrior Gaming PC
- Intel SSD Prices Drop by Up to $100
- Panda Offers Cloud-Based Antivirus
- Windows 7's XP Mode Requires 2 GB RAM
I always just use the View files with Explorer. I hate that when I have music on my flash drive it says: Do you want windows to open this with iTunes, WMP, Windows Media Center etc. For me, this is more of a annoyance relief.
disable auto run if it's that annoying. Whats annoying is people complaining about things that they don't understand.
It's a welocme change, I too prefer to open windows explorer to browse my files
disable auto run if it's that annoying. Whats annoying is people complaining about things that they don't understand.
I love autorun. I just don't like that one section that will be gone with Windows 7. You shouldn't just cherry-pick my comment and deduce that I hate autorun. I said I hate the Install and run option.
I disable Autorun. I just open Explorer with Windows + E, much faster and less annoying imo esp. if you switch flash drives often.
sounds great!
I for one do hate autorun and although i know i can turn it off i would prefer autorun to be off by default.
Those who are able to turn it back on are probaly 1337 enough to handle the dangers like akoegle.
(this is sarcasm autorun seriously is annoying in my personal opinion and i doubt its wrong to think to turn it of by default gives the user more control and protects the ignorants from the big bad evils)
I love how autorun in Vista doesn't even save your previous actions (even if you tell it to...?) and the fact that there isn't an option to do nothing, not one that you can save at least. Every time I plug in my iPod I get a pop-up asking me what I want to do, it's annoying to the point of stupidity because all I want is for it to do what it's supposed to (open in iTunes and just have Windows stfu about it.)
I think general computer educations needs to become more widespread so we don't need stupid-user features questioning our every move...especially for those of us who know what we are doing, possibly more than Windows does....
"...taking away AutoPlay options for removable non-optical media."
How about non-removable such as local drives and network drives? It is rare, if at all, for a local/network drivers to use the autorun feature, but it is enabled by default. I have seen how such an oversight have continually caused malware infection.
I sometimes help around my parents' shop and one of the things I ensure is that ONLY optical drives are allowed the autorun feature (a small trade-off as opposed to completely disallow all drive types).
i usually use Ninja Pendisk to auto-delete the file autorun.inf when removable media is inserted. Much safer.
Unfortunately, i have experienced my vista infected with virus by just opening windows explorer to view the files in my friend's removable usbdrive, even though the autorun has been disabled. Windows is not really safe...
... Windows is not really safe...
no, viruses are more inteligent than windows! just a good security suit can solve the problems. and there are too many dumb people using this OS! so, in about 90% market share, that is normal I think!
i usually use Ninja Pendisk to auto-delete the file autorun.inf when removable media is inserted. Much safer.Unfortunately, i have experienced my vista infected with virus by just opening windows explorer to view the files in my friend's removable usbdrive, even though the autorun has been disabled. Windows is not really safe...
It sounds like your friend isn't safe.
There should be an option to have it enabled/disabled on a device.
WHat happens if in the future programs are sold on flash cards?
Flash cards can work as a security device to prevent piracy if a security chip is hooked up to the io. example: SDIO (wifi on sd).....
Also some usb drives rely on auto run, to run the decryption program to unlock the device.
Or some usb devices such as a phone adapter, when hooked in the pc run their custom software to interact with the usb sound card to make pc to internet calls.
So it is a needed feature for some devices.
Maybe check if the device is read only media? (optical is read only)
You know what a nice feature would be: Disable the low on disk space bubble/info window on a particular drive.
I use an Gigabyte I-RAM 4GB for my pagefile and its always out of space, and that stupid warning comes up all the time.
i hate this new format on toms, i liked it better with my avatar =[
i hate this new format on toms, i liked it better with my avatar =[
I'm with you on this one. If for no other reasons, avatars make it easier to identify the speaker and conversations, especially since our comments aren't threaded.
disable auto run if it's that annoying. Whats annoying is people complaining about things that they don't understand.
So, let me get this straight. Your position is that only people who know everything about a subject have a good reason to complain about something such that it does not annoy you? What a crappy person you are.
If Windows knows the diference between "Open" a file and "Execute" a file, and if it knows how to show this diference clearly to the user, it will be much more safe.
At least half the virus use this single (not so) little bug to infect systems all around.
MS is just desperate to sell more copies of their OS.
Well then what's the point of the UAC?
At least this time MS is paying closer attention to their work ^_^
Just feeding the m$ junkies their daily spoon of crapeting, to keep them salivating.
m$ is, as usual, just partially capable to fix it's dumbness, only after the whole world is crying out loud... What makes non-flash/optical media exempt of malware propagation?
@m$ fanboy$: ready? 1, 2, 3: "Windblow$ ($even) is the greatest!!!"