My security vendor friends at Bitdefender have reported that 12 percent of global Microsoft Windows infections in the first quarter of 2012 were Autorun-based threats. This doesn’t come as a surprise as most Windows users don’t understand the security implications of using the Windows Autorun feature. Most users also don’t know how to disable it, so I will show you two simple ways.
What is Autorun? It is a plain text-based configuration file (Autorun.inf) that enables designated files to automatically run when an Autorun-enabled drive (i.e. USB, flash drive) is inserted into the PC. Therefore it’s very easy for malware writers to obfuscate their malicious code.
What about the threat? Malware writers for example will target the Autorun.inf file on Windows-based systems with a worm or Trojan which them attempts to load a rootkit. The worm or Trojan will also try to copy itself to all drives including removable drives i.e. flash drives, MP3/MP4 players and mapped network drives. Some worms/Trojans will also attempt to disable Windows-based antivirus software.
Given the malware threat posed by the Autorun.inf file, I suggest ALL users disable the Autorun functionality in Windows. Here is one simple way to disable Autorun using a Windows Registry hack:
Open Notepad and copy/paste the following text >
Save as ‘disableautorun.reg’. Don’t forget to change the “Save File as Type” to “All Files” before saving. Save this file to your desktop and then double-click the file to run it. This will add the data above to the Windows Registry. Voila!
Here is the second way. If you are not comfortable with the above, then I’d suggest you download Panda USB Vaccine from my friends at Panda Security. This FREE Windows software is a little program that automatically disables Autorun.
Safe surfing folks!
Bootnote: The Panda USB Vaccine software is only my recommendation.