Thursday, April 24, 2014
Search
  
Submit your own News for
inclusion in our Site.
Click here...
Breaking News
Facebook Enjoys High First-quarter Revenue
Qualcomm Reports Less Than Expected 2Q Revenue
iPhone Sales Drive Apple's Record March Quarter Revenue
Travelling Through Time On Updated Google Maps
OnePlus One To Launch Next Month
LG Display Reports First Quarter Results
Toshiba Announces Canvio AeroMobile Wireless SSD
Global Chip Revenue Rises in 2013
Active Discussions
help questions structure DVDR
Made video, won't play back easily
Questions durability monitor LCD
Questions fungus CD/DVD Media, Some expert engineer in optical media can help me?
CD, DVD and Blu-ray burning for Android in development
IBM supercharges Power servers with graphics chips
Werner Vogels: four cloud computing trends for 2014
Video editing software.
 Home > News > General Computing > Microso...
Last 7 Days News : SU MO TU WE TH FR SA All News

Wednesday, February 09, 2011
Microsoft Patch Disables Windows Autorun Feature


Microsoft has released a security patch that changes the Autorun functionality in Windows XP, Windows Server 2003, Windows Vista, and Windows Server 2008, in an effort to protect users from attacks.

Microsoft today made available updates to the Autorun feature that help to restrict AutoPlay functionality to only CD and DVD media on supported editions of Windows XP, Windows Server 2003, Windows Vista, and Windows Server 2008. Microsoft siad that by restricting AutoPlay functionality to only CD and DVD media can help protect userss from attack vectors that involve the execution of arbitrary code by Autorun when inserting a USB flash drive, network shares, or other non-CD and non-DVD media containing a file system with an Autorun.inf file.

In Windows XP, Windows Vista, and Windows Server 2003, AutoRun entries were populated for all devices that had mass storage and had a validly formatted AutoRun.inf file in the root directory. This included CDs, DVDs, USB thumb drives, external hard disks, and any volume that exposed itself as mass storage. This update disables AutoRun entries in AutoPlay, and displays only entries that are populated from CD and DVD drives. Effectively, this prevents AutoPlay from working with USB media.

The update is now offered via automatic updating. Users who have already installed Microsoft's 971029 update manually will not be offered the update and do not need to take additional action.

Microsoft is marking this as an "Important, non-security update." Notice that this update does not turn off the AutoRun feature entirely. For example, it does not impact "shiny media" such as CDs or DVDs that contain Autorun files.

For all those users who prefer the existing Autorun functionality and will want to reverse the effects, Microsoft is offering a Fix It that accomplishes that.

"Changing behavior for a running system is never a trivial thing, and we take it incredibly seriously. It would be a bad outcome for people to think they have to make a tradeoff between security and anything else. Updates to protect against vulnerabilities are an important part of keeping a system secure. We had to be very confident that this change was the right balance for most people," Adam Shostack, a program manager working in TWC Security,wrote at Microsoft's security response blog.


Previous
Next
YouView Launch Delayed For 2012        All News        Nokia Drops MeeGo Phone
YouView Launch Delayed For 2012     General Computing News      MPAA File Lawsuit Against Hotfile.com

Get RSS feed Easy Print E-Mail this Message

Related News
Nokia Devices and Services Acquisition Expected to Close This Week
Microsoft and Motorola Solutions Sign Licensing Agreement
China Approves Sale of Nokia's Business to Microsoft
Microsoft Announces New Cloud Tools
Microsoft Previews .NET Native Platform For App Developers
Microsoft Says It Won't Search Users' Emails For Stolen Property
Microsoft and Dell Sign Patent Licensing Deal
Microsoft Opens Source Code for MS-DOS and Word For Windows to Public
Nokia, Microsoft Deal Delayed
Microsoft Searched Hotmail Messages To Track Leak
SQL Server 2014 Coming April 1st
Microsoft Releases 2013 Law Enforcement Requests Report

Most Popular News
 
Home | News | All News | Reviews | Articles | Guides | Download | Expert Area | Forum | Site Info
Site best viewed at 1024x768+ - CDRINFO.COM 1998-2014 - All rights reserved -
Privacy policy - Contact Us .