FIX: Update to the AutoPlay functionality in Windows

It doesn’t look much recent news though it is featured on SANS diary Windows autoplay behavior updated (improved) today’s article.

It was mentioned that the fix which prevent autorun on USB devices provide an approach enforced on Windows 7 on previous windows versions as well thus providing a way to thwart the autorun based infection mechanism abused by some worms/malware.

Indeed in some cases autorun was even abused to mislead the user to launch a malicious executable by adding a fake “Open Folder to View files” entry to the device Autoplay menu.

[url=http://isc.sans.org/diary.html?storyid=5695]
http://handlers.sans.org/bzdrnja/Conficker.png

Source: Conficker’s autorun and social engineering (SANS Diary)[/url]

Thanks for pointing to the fix.

That social engineering exploit is a nasty one. It is something that will be overlooked most of the time. Only “publisher not specified” might ring a few bells as it points to an executable.

I’m glad if it was useful to mention it as I wasn’t sure if the above update is automatically deployed using Windows update.

For some reason it wasn’t on my PC and I had to install it manually. :-\

I just booted my Vista installation and the update is not it. Currently manually installing it.

It should be on the automatic update in my view.

Thanks for posting this, Very useful!

I am manually installing it too. Yep, should be on Windows Update! It is critical IMO.

Cheers,
Josh