INF Autorun Virus - Microsoft's Deadly Invention

INF Autorun Virus - Microsoft's Deadly Invention
Page content

Description

Autorun is the Microsoft’s longest standing un-patched problem which it specifies as a feature and not a trouble. According to Microsoft, Autorun/INF virus is not a virus but a feature that brings up a list of options whenever removable media is connected to the computer. This feature as mentioned by Microsoft was introduced with Windows XP and has been continued since to the other version of Windows. It looks for an Autorun.inf file present on the removable drive, if any, and then performs as mentioned in the Autorun.inf file.

However, for virus developers and hackers this is a great feature which Microsoft never cared to patch. This is more useful to a virus developer and hackers than to windows users as it becomes easy for a hacker to write malicious code in the file, which is then executed on the user’s system.

Using this vulnerability, any malicious code can be run on a computer system infecting it to the fullest extent possible. The original content of the Autorun.inf file is modified with a new malicious code and when Autorun.inf file gets executed, another malicious code is downloaded to the computer. This way it becomes easy for intruders to attack a system.

According to a report submitted by Eset in 2008, it was discovered that 1 out of 15 threats were detected using the Autorun.inf file and this number increased to 1 out of 10 in the beginning of 2009. Even after viewing the extensive exploitation of the Microsoft’s Autorun feature, it never cared to introduce a patch for the same.

Disable Autorun feature

However, Windows Vista users can disable the Autorun feature in the following manner.

Step 1: Click Start Menu and move to Settings»Control Panel.

Step 2: In the Control Panel window, look for the Default Programs icon present in the top row of the programs list. Double-click to open the Default Programs window.

Step 3: Now, click the Change Auto Play Settings options to change the Auto Play settings. From the window, you will find a listing of devices and media on the left, and the corresponding action on the right. Change every corresponding action to “Take No Action” and click the “save” button located on the lower right corner of the window.

Other Windows users will have to follow a cumbersome path of creating a registry key in order to disable the threat of Microsoft’s Autorun virus.

Step 1: Press “Windows key + R” to open the Run window. Type notepad and press enter.

Step 2: Now, add the following line and save the file as “AutorunDisable.reg” using the double quotes.

Regedit4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\Autorun.inf]@="@SYS:DoesNotExist"

Step 3: Now execute the file and when asked to enter the entry to the registry, click yes.