Windows 7 Improves AutoPlay

Malware has been exploiting the autorun.inf file to trick users into executing it for a long time already, but it has been in the spotlight since Conficker was discovered. Users normally execute the file when they access the drive through the double-click method or right-click Open/Explore. It doesn't automatically run by itself like a CD or DVD, contrary to what many people say. Another way it tricks users is by exploiting the 'action' command in the autorun.inf file. It adds the AutoRun action to the AutoPlay window and often masquerades as an option to access the drive, but in actual fact you're executing the malware. Smarter malware will run and then open your drive for viewing, as if nothing happened. You can actually avoid executing the malware through double-clicking or right-clicking by accessing the drive via the Explorer drop-down address bar or the 'Folders' button, which opens your drive contents for viewing in tree view in the window.


Windows 7, as pointed out here, says it will improve the feature by fixing the vulnerability. This vulnerability refers to the AutoPlay window, but will it prevent the execution of the malware via double-clicking?


There are several ways to plug this vulnerability in Windows. There is the registry method and the software method. The registry method, or hack, is described here by Nick Brown; it actually disables the function of autorun.inf files completely. Autorun.inf files are treated as non-existent when this method is used. If you're the type who actually uses autorun.inf files (icon changing, CDs, etc.) and do not want to disable the functionality, but at the same time want to avoid this type of malware, there are several programs that do this, but I personally prefer Autorun Eater.


So what do you think?
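
An added example, not part of the original post: a small Python check that reads an autorun.inf and reports the entries the post describes, namely a program launched on double-click or right-click Open/Explore, and an 'action' label shown in the AutoPlay window. The sample file contents, file names and function names are constructed for illustration.

```python
import re

# Keys in the [autorun] section that name a program to launch.
EXEC_KEYS = re.compile(r"^(open|shellexecute|shell\\[^\\]+\\command)$", re.I)

def parse_autorun(text):
    """Return the [autorun] section as a dict of lower-cased key -> value."""
    entries, in_section = {}, False
    for raw in text.splitlines():
        line = raw.strip()
        if line.startswith("["):
            in_section = line.lower().startswith("[autorun]")
            continue
        if not in_section or line.startswith(";") or "=" not in line:
            continue  # skip comments, blank lines and junk lines
        key, value = line.split("=", 1)
        entries[key.strip().lower()] = value.strip()
    return entries

def review(text):
    """List findings for an autorun.inf, one string per risky entry."""
    entries = parse_autorun(text)
    findings = [f"{k} launches: {v}" for k, v in entries.items() if EXEC_KEYS.match(k)]
    # An 'action' label only matters when the file also names a program to run.
    if "action" in entries and findings:
        findings.append(f"AutoPlay entry {entries['action']!r} runs a program, not a folder view")
    # shell\open and shell\explore replace the right-click Open/Explore verbs.
    for verb in ("open", "explore"):
        if f"shell\\{verb}\\command" in entries:
            findings.append(f"right-click '{verb}' is redirected")
    return findings

# Constructed sample: file names and label text are made up for illustration.
SAMPLE = """\
[AutoRun]
; constructed example
open=setup.exe
action=Open folder to view files
icon=shell32.dll,4
shell\\open\\command=setup.exe
shell\\explore\\command=setup.exe
"""

# Constructed sample of the harmless use the post mentions (icon changing).
BENIGN = "[autorun]\nicon=disc.ico\nlabel=Holiday Photos\n"

if __name__ == "__main__":
    for finding in review(SAMPLE):
        print(finding)
```

An autorun.inf that only sets an icon or label produces no findings, which matches the post's point that such files have legitimate uses.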

  • Moderators

I have AutoRun/AutoPlay disabled and always will, even though I make multi-media discs which include an AutoRun feature.


It's easy enough with it disabled to load a DVD full of media like those I make, go into My Computer, then right click the drive and click AutoPlay.

