Autorun and Windows 7

Autorun and Windows 7.

Long time readers know that I think autorun was Microsoft’s longest unpatched vulnerability. For Windows 7 Microsoft has made some serious improvements, but for older versions of Windows Microsoft has ignored the obvious vulnerability and only offered the patch as an optional download instead of making it a critical update, as every security expert in the world knows it is. I provided download links for other versions of Windows in the post here.

Technically, this doesn’t fix autorun, it changes the behavior to make it far less dangerous. In this other post I provide information about actually disabling autorun in some older versions of Windows.

Recently I have received some requests about how to eliminate autorun in Windows 7. Windows 7 actually calls it autoplay and the controls for it are in the control panel under hardware and sound. You’ll find Autoplay there.

Below is a picture of the controls:

The most important entry is for “Software and Programs” which is the stuff that uses the traditional autorun functionality. As you can see, you can control how autoplay responds to a variety of devices, but the safest option is “take no action” for everything. Yes, this means that when you put an audio CD in your computer you will have to learn how to start the music. When you put a DVD in, you have to learn how to play a movie. Learning is not such a bad thing.

Do I think it is really dangerous to let an audio CD play music automatically? No, it is a relatively safe thing to allow, but it is not completely without risk. The same goes for movies, pictures, audio, and video files.

Rather than selecting “take no action”, “Ask me every time” can be a reasonable approach, as long as you DO NOT automatically chose “Run” or “Play” without thinking about what prompted it.

For Software and Games, and Mixed Content, I highly recommend the “take no action setting”.

Randy Abrams
Director of Technical Education

Author ESET Research, ESET

  • Phyllis

    Thank you for sharing this information.  Can you answer a question?  I have Windows 7 and I believe since a recent update, the autoplay function does not work with mass storage devices.  I have a 1 tb click-free and a Lesar 2.0 multi-card reader.  When I plug either one into my laptop, the autoplay menu flickers and then disappears.  The auto-play box is ticked.  How can I fix this so the autoplay menu comes on and stays on? 

    • Randy Abrams

      We do not offer support through the blog. You would need to check with your laptop manufacturer, Lesar, or Microsoft, or perhaps use google to find out if others have had the same problem and solutions they may have found.

Follow Us

Automatically receive new posts via email:

Delivered by FeedBurner

1 article related to:
Hot Topic

2FA

20 May 2010
ESET Virus Radar

Archives

Select month
Copyright © 2014 ESET, All Rights Reserved.