Microsoft's Drops The Curtain On AutoPlay - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

IoT
IoT
Software // Operating Systems
Commentary
2/22/2011
11:26 AM
Dave Methvin
Dave Methvin
Commentary
50%
50%

Microsoft's Drops The Curtain On AutoPlay

Born during The Age of Auto Everything, the Windows AutoPlay functionality was anything but a home run. So Microsoft finally lays it to rest.

The most annoying part about AutoPlay V2, as it's called, is that can take Windows a while to scan the removable media for files and decide what to do. But it's also a potential security risk if you've told Windows to take automatic action based on the content type. For example, someone could create a corrupted music file that exploited a vulnerability in Windows Media Player, and it would run without the user having to approve running the file. So this provides another way to automatically run malicious code even when basic AutoRun is not being used.

AutoRun functionality has been abused in the past, which has led to Microsoft's decision to disable it. The most notorious example was the Sony Rootkit of 2005. In an attempt to keep the music-copying genie in the bottle, Sony issued audio CDs that included a small data partition with an AutoPlay file.

When users put the CD into their computer to play music, it installed a very invasive piece of software that disabled copying of audio CDs. Beyond that, however, bugs in the software caused system instability and left an opening for other malicious software to take advantage of the rootkit's ability to hide files. Sony misusing AutoRun this way set a pretty horrific standard, a behavioral bar so low that nearly anything goes.

The rise of removable media that is writable, such as USB flash drives and portable hard drives, makes AutoPlay even more dangerous. For example, an attacker who wants to break into a specific company could sprinkle a handful of AutoPlay-infected inexpensive USB drives in the company's parking lot.

Odds are good that at least one of them will find its way into an employee's computer at work or at home, and from there the attacker can find his way into the company's secrets. These kind of attacks can be very effective because they are often able to circumvent even tight network controls intended to prevent infiltration.

In the continuing battle between convenience and security, the convenience of AutoPlay has been beaten back to square one by the security issues it raises. We're all used to the additional security problems caused by ubiquitous Internet access, but this one is different. It's a feature that hearkens back to the old floppy boot sector viruses, resurrected for abuse in an era of cheap USB drives. If Microsoft was designing AutoPlay today ... well, I doubt a feature like that would make it at all. The Age of Auto Everything has ended.

See More

Nokia Makes Last Stand With Microsoft

Carriers Sending Mixed Signals On Mobile Bandwidth

Microsoft Needs More Kinect, Less Kin

Microsoft's CES Misdirection Depends On Developers To Succeed

Windows Phone 7, Collateral Damage Edition

13 Technology Predictions For 2011

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Previous
2 of 2
Next
Comment  | 
Print  | 
More Insights
InformationWeek Is Getting an Upgrade!

Find out more about our plans to improve the look, functionality, and performance of the InformationWeek site in the coming months.

Slideshows
Blockchain Gets Real Across Industries
Lisa Morgan, Freelance Writer,  7/22/2021
Commentary
Seeking a Competitive Edge vs. Chasing Savings in the Cloud
Joao-Pierre S. Ruth, Senior Writer,  7/19/2021
News
How CIO Roles Will Change: The Future of Work
Jessica Davis, Senior Editor, Enterprise Apps,  7/1/2021
White Papers
Register for InformationWeek Newsletters
Video
Current Issue
Monitoring Critical Cloud Workloads Report
In this report, our experts will discuss how to advance your ability to monitor critical workloads as they move about the various cloud platforms in your company.
Slideshows
Flash Poll