One quick trick prevents AutoRun attacks

Scott dunn
By Scott Dunn

The AutoRun function in Windows can launch installers and other programs automatically when you insert a CD or flash drive, but this convenience poses a serious security risk.

Unfortunately, simply turning off AutoPlay, a separate feature, isn’t enough to prevent AutoRun from introducing a rogue program into your system.


AutoRun starts Windows programs automatically

Every recent version of Windows has features known as AutoPlay and AutoRun. These functions are designed to launch applications automatically from a external device containing the necessary AutoRun information. This is what causes an installer window to pop up when you insert a software disc into your CD or DVD drive, for example, or makes a pop-up menu icon appear in the taskbar tray when you insert a USB flash drive. (In some cases, the action doesn’t occur until you double-click the flash drive icon in Windows Explorer.)

When a disc is inserted or a drive is connected to your system, Windows looks in the root directory of the new disc or drive for a file named autorun.inf. If found, Windows executes the instructions in that file.

For example, an autorun.inf file on a CD might contain a line that reads open=setup.exe. This tells your computer to launch a setup program as soon as the CD is inserted into the drive.

However convenient this might be, unfortunately, AutoRun also opens a huge door for viruses, Trojan horses, and worms. All it takes is a USB flash drive with an autorun.inf file and an executable in its root. Once inserted, a worm launched in this manner can infect every disk partition it finds, jumping from computer to computer as network users connect to an infected drive.

Shutting down AutoPlay is not a fix

In both Windows XP and Vista, the default for USB flash drives is to prompt the user for a decision if autorun.inf tries to launch a program. Inserting a CD or DVD into a drive, however, defaults to running any autorun.inf file that may be present.

This article is part of our premium content. Join Now.

Already a paid subscriber? Click here to login.



Get our unique weekly Newsletter with tips and techniques, how to's and critical updates on Windows 10, Windows 8, Windows 7, Firefox, Internet Explorer, Google, etc. Join our 460,000 subscribers!

Enter your email above to receive messages about offerings by Penton, its brands, affiliates and/or third-party partners, consistent with Penton's Privacy Policy.
The Windows 7, Vol 3 (Excerpt)

Subscribe and get our monthly bonuses - free!

The Windows 7 Guide, Volume 3: Advanced maintenance and troubleshooting provides advanced tools for keeping Microsoft's premier operating system up and running smoothly. Get this excerpt and other 4 bonuses if you subscribe FREE now!

= Paid content

All Windows Secrets articles posted on 2007-11-08: