Thursday, January 22, 2009

How to Disable Windows AutoRun Feature

The National Cyber Alert System of US-CERT (part of the Department of Homeland Security) recommends the following registry setting:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\Autorun.inf to "@SYS:DoesNotExist"

AutoRun is the feature through which the attachment of new drives to the system can run programs on those drives automatically as long as file autorun.inf is found. This file is usually hidden and can pose security problems if automatically run program is malicious.

CERT Weighs in on Windows AutoRun Flaw [via]
Microsoft Windows Does Not Disable AutoRun Properly [via]

No comments:

Post a Comment

Do provide your constructive comment. I appreciate that.