Windows 7's New Autoplay Helps Stop Malware

All throughout April, the Conficker worm was one of the top things on the mind of those thinking about PC security.

While Conficker so far hasn’t caused any sort of PC outbreak, it does draw attention to the spread of malware across Windows machines. Like all malware, however, it requires actual user consent (or at least some form of action) for it to infect a system.

Windows 7 aims to protect users better by making a small change that should take away one way that malware sneaks onto Windows XP and Windows Vista – taking away AutoPlay options for removable non-optical media.

“While presenting an AutoRun task in AutoPlay has been available since Windows XP, we have seen a marked increase in the amount of malware that is using AutoRun as a potential method of propagation,” explained Arik Cohen, a program manager on the Core User Experience team. “According to the Security Intelligence Report, an enterprise study by Forefront Client Security found that the category of malware that can propagate via AutoRun accounted for 17.7% of infections in the second half of 2008 – the largest single category of malware infections.”

In Windows 7, freshly inserted USB drives, SD cards and other media (but not CD or DVD) will no longer have the “Install or run program” option available in AutoPlay.

It may seem like a small change, but after seeing the image below, we can see how easy it would be to accidentally click the wrong action.