Tuesday, March 17, 2009

More Vista AutoRun Nonsense

After listening to Security Now episode #187 I was feeling quite smug that Vista was not vulnerable to the problem. Wrong! Microsoft's KB 967715 is misleading too. Why are the guys at Microsoft so lax about improving security? Surely they realise how easily viruses can spread using USB removable drives? I guess not.
Here's a simple fix, which will work for Vista, WinXP, etc.: Create a text file and paste the following:
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer]
"NoDriveTypeAutoRun"=dword:000000ff
"DontSetAutoplayCheckbox"=dword:00000001
"NoAutorun"=dword:00000001
"HonorAutorunSetting"=dword:00000001

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer]
"NoDriveTypeAutoRun"=dword:000000ff
"DontSetAutoplayCheckbox"=dword:00000001
"NoAutorun"=dword:00000001
"HonorAutorunSetting"=dword:00000001
Save this as "noautorun.reg" or something similar, and then double-click to run it. Make sure that everything inside the square brackets [] is on a single line. This will stop your machine automatically running code when you insert a removable drive, CD, etc.

2 comments:

  1. REGEDIT4
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\Autorun.inf]
    @="@SYS:DoesNotExist"

    ReplyDelete
  2. That's a bit extreme, because you are disabling the ability of the user to manually do an autorun.

    See this blog entry

    ReplyDelete

The last 50 anonymous "comments" have been spam, and were deleted before being published. I have disabled anonymous commenting for a while, until the spammers go away. I appreciate all genuine comments, and publish all comments that are on topic and not spam.