Question

Locked

Disable autorun feature

By AFCSA ·
I ran a vulnerability scan against one of my workstations. It showed that I needed to disable the execution of the Autorun.inf files.
The scanner was looking in the following location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\Autorun.inf

My question is:
If there is no registry entry for Autorun.inf is this really a vulnerability or a false positive?

Any help would be appreciated. I looked in Microsofts KBs and they have you change settings in a totally different location to disable the autorun feature.

This conversation is currently closed to new comments.

4 total posts (Page 1 of 1)  
| Thread display: Collapse - | Expand +

All Answers

Collapse -

The most foolproof way is the reg change you mention

by robo_dev In reply to Disable autorun feature

See the wiki article about some malware that can exploit things otherwise:

http://en.wikipedia.org/wiki/AutoRun#Changing_Registry_settings

Collapse -

doing it globally in Vista

by jck In reply to Disable autorun feature

quickest way to disable autoPlay globally is to just uncheck the "Use AutoPlay for all media and devices" box

Collapse -

If there is no registry entry for Autorun.inf is this really a vulnerabilit

by OH Smeg In reply to Disable autorun feature

Yes it is a Venerability and depending on what you are using this computer to do it may be beneficial to disable the AutoRun Feature.

The reason it is a Venerability is that it will allow any code to run without you authorizing it and if that code was a Infection of some sort that you got in an Attachment in a E-Mail or from visiting a Infected Web Site it would autorun and infect your computer. That is the venerability.

And in answer to the finial bit of your question No it's not a False Positive.

Col

Back to Peripheral Forum
4 total posts (Page 1 of 1)  

Related Discussions

Related Forums