AutoRun was as soon as an enormous safety drawback on Windows. AutoRun helpfully allowed malicious software to launch as soon as you inserted discs and USB drives into your computer. This flaw wasn’t only exploited by malware authors. It was famously used by Sony BMG to hide a rootkit on music CDs.
The Origin of AutoRun:
AutoRun was introduced in Windows 95. When you inserted a software disc into your computer, Windows would automatically read the disc, and an autorun.inf file was found in the root directory of the disc - it would automatically launch the program specified in the autorun.inf file.
When you inserted a software CD or PC game disc into your computer, it automatically launched an installer or splash screen with options. The feature was designed to make such discs easy to use, reducing user confusion.
If AutoRun didn’t exist, users would have to open the file browser window, navigate to the disc, and launch a setup.exe file from there instead. This worked quite well for a time, and there were no big issues.
AutoRun wasn’t enabled for floppy disks. After all, anyone could place whatever files they wanted on a floppy disk. AutoRun for floppy disks would allow malware to spread from floppy to computer to floppy to computer.
AutoPlay in Windows XP:
Windows XP refined this feature with an “AutoPlay” function. When you inserted a disc, USB flash drive, or another type of removable media device, Windows will examine its contents and suggest actions to you.
In Windows XP, CDs and DVDs would still automatically run programs on them if they had an autorun.inf file, or would automatically begin playing their music if they were audio CDs. And, due to the security architecture of Windows XP, those programs would probably launch with Administrator access.
With USB drives containing autorun.inf files, the program would not automatically run, but would present you with the option in an AutoPlay window.
You could still disable this behavior. There were options buried in the operating system itself, in the registry, and the group policy editor. You could also hold down the Shift key as you inserted a disc and Windows wouldn’t perform the AutoRun behavior.
Some USB Drives Can Emulate CDs, and Even CDs Aren’t Safe:
This protection began to break down immediately. SanDisk and M-Systems saw the CD AutoRun behavior and wanted it for their own USB flash drives, so they created U3 flash drives. These flash drives emulated a CD drive when you connect them to a computer, so a Windows XP system will automatically launch programs on them when they’re connected.
Even CDs aren’t safe. Attackers could easily burn a CD or DVD drive, or use a rewritable drive. The idea that CDs are somehow safer than USB drives is wrong-headed.
Windows Vista Disabled AutoRun By Default, But…
Windows Vista and later versions of Windows won’t automatically run programs without asking you - you’d have to click the “Run [program].exe” option in the AutoPlay dialog to run the program and get infected.
But it would still be possible for malware to spread via AutoPlay. If you connect a malicious USB drive to your computer, you’re still just one click away from running the malware via the AutoPlay dialog - at least with the default settings. Other security features like UAC and your antivirus program can help protect you, but you should still be alert.
And, unfortunately, we now have an even scarier security threat from USB devices to be aware of.
What to Expect With CNC Machining?
The CNC in CNC Machining stands for Computer Numerical Control. CNC Machining is a process used in the manufacturing sector that involves the use of computers to control machine tools. Tools that can be controlled in this manner include lathes, mills, routers and grinders.
What is .NET Framework and Why You Need it to Install Apps in Windows
What is .NET Framework? A framework is something made to support other applications. The .NET Framework is a framework of technologies that is used by applications that, in themselves, rely on .NET technologies. Applications that require the .NET Framework usually heavily factor Internet access into their primary usages.
Extract Emails From the Exchange Server to a PST File Using ExMerge Utility
The Exchange Server has the EDB files to store multiple mailboxes and it makes email much easier to use and administer.
