Microsoft Changing the Behavior of AutoRun in Windows
Posted
Wednesday, April 29, 2009 1:21 PM
by
bwilms
Microsoft announced this morning that they will be changing the behavior of AutoRun so that is is not enabled for devices other than optical media. This is in response to the changing threat environment, most notably with Conficker, which utilizes the AutoRun feature on Windows to exploit vulnerabilities through use of mass storage devices (USB keys, external hard disk drives, etc).
Windows 7 RC will be the first to receive these changes followed by an update for Windows Vista and Windows XP.
Here's the article from the Microsoft Security Response Center: http://blogs.technet.com/msrc/archive/2009/04/28/changes-in-windows-to-meet-changes-in-threat-landscape.aspx