New Labour is in the dustbin of history - David Starkey
|
|
|
Microsoft issues a patch to disable Autorun
SOFTWARE FACTORY Microsoft has finally issued a patch through its Windows Update service to disable Autorun.
For years Microsoft has been pushing for users to disable Autorun, a feature of Windows that automatically executes an application when removable media is detected by the operating system. The company found that Autorun was being used by malware authors as a way to propagate their malicious software, which led it to make wholesale changes to Autorun in Windows 7.
The changes to Autorun in Windows 7 were followed up by Microsoft issuing instructions on how to mimic the same protection for previous versions of Windows. However the firm has now included a patch through Windows Update classed as an "important, non-security update", to try to increase deployment.
Much of Adam Shostack's post on the subject explained why the patch wasn't labelled as a security update. Shostack, a program manager at Microsoft, went to great pains to differentiate the two patch classifications, saying, "at Microsoft we reserve the term 'Security Update' to mean 'a broadly released fix for a product-specific security-related vulnerability'." He continued, saying that Autorun affects "shiny media" such as CDs and DVDs but claimed that Microsoft's research had yet to see malware authors exploit Autorun in such media.
Microsoft has been forced to slow play the deployment of its Autorun patch due to the many legitimate applications that rely on the function. Shostack singled out companies that rely on the wholly irritating use of U3 software as one of the reasons Microsoft had to take this softly-softly approach to deprecating Autorun.
Be that as it may, Microsoft has finally taken the leap and issued an Autorun patch through its Windows Update service in the hope that those who rely on it to keep some semblance of security under Windows will install it. µ
Tags: Microsoft
Share this:
Share
Autorun is just one of the hundreds of ill-conceived, poorly thought-out, terribly implemented features that plague almost anything that Microsoft ever does.
Microsoft never ever gives three bits a damn about security until it's way too late. To disregard security in favour of stupid and pointless user-misoriented misfeatures such as autorun is in their DNA.
There is nothing dumb or wrong with autorun, it is something that makes sense in an automated world, the problem was never autorun but how it was implemented.
What I mean is if I put a cd in of a game it should prompt the user if they want to install the game the first time but not after its installed, windows 7 should be smart enough to do this. same for music or movies. Yes I do know you can configure it but for most users which is no one that is posting here people just are not that smart about it.
MS should have put more time and brains to figuring out how to make it a valuable tool and yet secured. I for one think its more about letting programs run rather than say having autorun be smart enough to use say virus scan to know an actual threat and not run the program automatically.
Autorun is broken because it has no smarts to it, I really like to see a paradigm shift in how we build operating system in the future, I like to see some real AI if limited in windows 8 and not just more added feature that no one even cares.
Considering all the cool advancement we have we seem to still do things on the OS as thought we where back in the 80.
Autorun was a very stupid idea. Just open the door and invite all kinds of malware to your PC.
Are people too damn lazy to insert a disc and then manually find and execute the software on it? Things like autorun just perpetuate the ignorance of average PC users. Get rid of it and make people understand what the hell 'setup.exe' usually does for them.
Now they should try to fix the ability to run a binary executable renamed as a .pif, .lnk, .bat, etc, which is being exploited by viruses since the invention of the UUCODEd files inside electronic text messages.
Its about time.
I've been disabling Autorun on every PC I own and half that I work on since the release of Windows 95.
Some of us put the disc in the drive for LATER USE, not because we need it right now.