Windows 7 Changes AutoPlay For Better Security

Windows 7 Changes AutoPlay For Better Security
fakeautoplayWindows’ AutoPlay feature has often proven to be more of a distribution vector for malware than a convenience for users, but the forthcoming Windows 7 release candidate, due any day now, makes some tweaks that could help overcome the problem.

The Engineering Windows 7 blog explains how one of the main distribution vectors for recent malware such as Conficker has been placing fake messages on the AutoRun area of the AutoPlay screen which pops up by default whenever a CD or USB stick is plugged in. If an unthinking user clicks on a fake ‘Open folder to view files’ link (as indicated in the screenshot), they can easily end up with unwanted software.

In Windows 7 RC, however, the AutoRun dialog will be blocked whenever any rewriteable media is plugged in, although it will still appear for optical media like CDs or DVDs. In itself, that’s not going to stop malware being a problem, but it will eliminate one potential distribution method (and mean your own AutoPlay modifications probably won’t work any more).

Improvements to AutoPlay [Engineering Windows 7]

Log in to comment on this story!