Last week, I applied Microsoft Updates to one my Windows XP test machines and noted an optional update which restricts “AutoRun entries in the AutoPlay dialog to only CD and DVD drives”.
You can see from the image above that the update is optional.
Yet, a Microsoft blog post about the update called it an “important, non-security update“.
Important updates are automatically applied by Microsoft Updates.
And so there was much rejoicing and AutoRun was declared dead.
But not so fast!
Larry Seltzer’s technically accurate (based on Microsoft’s statement) story about trimming AutoRun was followed up by another story with a correction from Microsoft.
“The functionality change to Autorun is, for the moment, marked as Optional for Windows XP. Users who have automatic updates set to install both Optional and Important updates have already begun to receive the update. We plan over the next few weeks to re-set the change to Important, allowing it to reach the remainder of the Automatic Update-using XP community.”
“Microsoft says that this was a miscommunication and not a mistake.”
And so AutoRun lives on, and even after Microsoft adjusts the update from optional to important for Windows XP, update KB971029 only limits non-optical media functionality.
So… to limit AutoRun, manually run Microsoft Updates. To completely kill AutoRun, click here and use the “fix it for me” option.
Regards,
Sean
On 15/02/11 At 01:56 PM
Related Posts
- Some of our favourite sysinternals tools have been updated. TCPview, Autoruns, ProcDump and Disk2vhd have changed. More here http://blogs.technet.com/b/sysinternals/archive/2010/07/22/updates-tcpview-v3-0-autoruns-v10-02-procdump-v1-81-disk2vhd-v1-61.aspx, (Fri, Jul 23rd)
(c) SANS Internet Storm Center. http://isc.sans.org Creative Commons Attribution-Noncommercial 3.0 United States License.
View full post on SANS Internet Storm Center, InfoCON: green... - Fake News of Eminem’s Death Leads to Malware
We recently saw some articles on the Web saying that Slim Shady aka Eminem died in a car crash. Today, we received a spammed message that still claims the rumor is true. The email pretends to be from ... - Space weather’s role in return to Stone Age greatly exaggerated
The Space Weather Enterprise Forum was held on June 8, 2010, at the National Press Club in Washington, DC. NASA, The National Aeronautic and Space Administration (NASA) and the National Oceanic and At... - Malware sites already capitalizing on announcement of Osama Bin Laden’s Death
Within hours of the announcement of Osama Bin Laden's death, we are already seeing malicious sites emerge to capitalize on the news. One Spanish language site displays a purported photo of a murdered ... - Browser Updates
Just a few days ago, two major web browsers have been updated to fix security vulnerabilities which may allow attackers to infect the computer with malware just by visiting a hacked website.Google rel... - Adobe updates Reader and Acrobat
A little earlier as announced, Adobe released updated versions of Adobe Acrobat and Reader. These programs were vulnerable to the Flash Player zero-day-vulnerability as well, which was fixed last week... - Flash Player Update available
Just a short notice on the now available Adobe Flash Player Update: Version 10.2.159.1 has been released which fixes the critical security vulnerability which allow attackers to infect computers with ... - Facebook Password Has Been Changed…NOT!
We've already seen spam campaign theme that uses one of the famous Social Networking sites, Facebook. Like, Facebook Password Reset Confirmation, New login system, and Facebook updated account agreeme... - “Facebook Support. Your password has been changed!” contains trojan
MX Lab, http://www.mxlab.eu, started to intercept a new trojan distribution campaign by email with the subject “Facebook Support. Your password has been changed! ID09687″. Note that the nu... - Very bad news, with more bad news embedded
Malware writers never miss the chance to take advantage of big world events, no matter how tragic. The recent Japanese nuclear incident, caused by the devastating earthquakes, is their target this ti...
Posted on 15 February 2011. Tags: Autoruns, been, Death, exaggerated, greatly, news
