Video Screencast Help
Security Community Blog

New KB 971029

Created: 16 Feb 2011
mon_raralio's picture
+1 1 Vote
Login to vote

Good news from Microsoft.

In Windows XP, Windows Vista, and Windows Server 2003, AutoRun entries were populated for all devices that had mass storage and had a validly formatted AutoRun.inf file in the root directory. This included CDs, DVDs, USB thumb drives, external hard disks, and any volume that exposed itself as mass storage. This update disables AutoRun entries in AutoPlay, and displays only entries that are populated from CD and DVD drives. Effectively, this prevents AutoPlay from working with USB media.

Affect on end users and end-user software

loadTOCNode(2, 'moreinformation');

  • Many existing devices in market, and many upcoming devices, use the AutoRun feature with the AutoPlay dialog box to present and install software when DVDs, CDs, and USB flash drives are inserted.
  • Users who install this update will no longer receive a setup message that prompts them to install programs that are delivered by USB flash drives. Users will have to manually install the software. To do this, users click Open folder to view the files, browse to the software's Setup program, and then double-click the Setup program to run the program manually.
  • Some USB flash drives have firmware that present these USB flash drives as CD drives when you insert them into computers. These USB flash drives are not affected by this update.

Affect on features in Windows

loadTOCNode(2, 'moreinformation');
This change to AutoPlay will affect the Wireless Connect Now (Copy Network Settings Wizard) feature in Windows. This feature allows for a user to copy their network settings to a USB flash drive and move the network settings to another computer. After you install this update, users will no longer see the Copy Network Settings Wizard dialog box. Users must browse to the setup executable that is found on the USB flash drive to start the "Copy Network Settings" process.

http://support.microsoft.com/kb/971029

What this means is that we can now breathe a little sigh of relief knowing that malwares from USB storage devices will now have a lesset effect on the system. And that some policies can now be disabled and allow endusers additional flexibility in terms of PC usage when they aren't able to do some tasks before. Moreover, setup of new workstations is a tad easier with one less security hole to worry about. Just get the patch and include it into your setup or deployment. No need for scripts or anything which can be easily bypassed.

Cheers.