It will, however, disable Media Change Notification (MCN) messages, which may prevent Windows from detecting when a CD or DVD is changed.
Setting the Autorun registry value to 0 will not prevent newly connected devices from automatically running code specified in the Autorun.inf file. The Autorun and NoDriveTypeAutorun registry values are both ineffective for fully disabling AutoRun capabilities on Microsoft Windows systems. Disabling AutoRun, as specified in the CERT/CC Vulnerability Analysis blog, is an effective way of helping to prevent the spread of malicious code. Malicious software, such as W32.Downadup, is using AutoRun to spread. The user selects an option from the AutoPlay dialog that is displayed when a removable device is connected.Rather than exploring the drive's contents, this action can cause code execution. A user clicks the drive icon for a removable device in Windows Explorer.This connection can result in code execution without any additional user interaction.
This includes, but is not limited to, inserting a CD or DVD, connecting a USB or FireWire device, or mapping a network drive. A removable device is connected to a computer.AutoRun (and the closely related AutoPlay) can unexpectedly cause arbitrary code execution in the following situations: Microsoft Windows includes an AutoRun feature, which can automatically run code when removable devices are connected to the computer. However, Microsoft's guidelines for disabling AutoRun are not fully effective, which could be considered a vulnerability. Disabling AutoRun on Microsoft Windows systems can help prevent the spread of malicious code.
0 kommentar(er)
