Sunday, February 12, 2012

Windows 7 and Autorun.inf. Won't work from USB

I'm writing this post to let everyone know that the autorun.inf file will not automatically trigger from a USB drive in Windows 7.  I wrote a post (What is autorun.inf file) talking about the autorun.inf file because this can work for CDs/DVDs and other applications but WILL NOT work for auto starting a program from a USB drive. 

This used to be possible from a USB when I originally wrote the stuff in my files but since Microsoft removed it, its not anymore. I used it for a personal program I had on my USB so I didn't care about getting a virus from the USB.

As a rule of thumb, I always suggested people disable the autorun on their PCs to avoid viruses.  The reason for this is that if it is enabled and someone puts a USB in your computer, your computer can get a virus. It's insane how many people have viruses on their computer and don't even know it.  It's bad practice for people to put updates on a USB and just go computer to computer installing it that way for a few reasons.  First and foremost, its incredibly inefficient for deploying updates.  The second is the virus aspect.

Before you pass judgement on Microsoft for disabling this for USBs, look at the following:
If you insert a USB into your computer with autorun enabled and the autorun.inf pointing to an infected program, your computer now has it. Congrats! The autorun.inf viruses can really suck and wreck havok on things. Seriously bad news. Now in Windows 7, the virus will only transfer to your computer if you manually open the drive. This is great since you now have a chance to scan the drive and clean all viruses before opening it.


  1. Antivirus would have intercepted the rogue program even if it was run from autorun.inf.

    This draconian action by M$ just removes a useful feature and does nothing to improve security.

  2. While I can definitely see your point to the above (and I agree to an extent), I can also see Microsoft's side of the story.

    Antivirus can provide a high level of security but there is still a large window of error that exists. Thousands of different types of malware are introduced every day which lead to gaps as to when these viruses can be detected by the antivirus software. I hate to even bring up the assumption that the target computer will even have antivirus security in place.

    When it comes to protecting against autorun worms dropping fun little payloads on your system (password stealers, backdoors, etc), Microsoft must've came to the conclusion that this feature, while benficial, carried too high of a risk to keep active. I can't say I blame them.

    I would respectfully disagree with the security comment though. It does improve security in that it closes the door to one of the easiest and most exploited paths to compromising a system.