Is autorun malware a security issue for organizations running legitimate software, or is it just something that...
By submitting your email address, you agree to receive emails regarding relevant topic offers from TechTarget and its partners. You can withdraw your consent at any time. Contact TechTarget at 275 Grove Street, Newton, MA.
affects users running pirated software? Are organizations that run legacy software susceptible to autorun malware?
Ask the Expert!
SearchSecurity expert Nick Lewis is standing by to answer your questions about enterprise security threats. Submit your question via email. (All questions are anonymous.)
The "autorun" function was abused by malware authors shortly after its debut many years ago. It was intended to make non-hard disk drives -- particularly optical drives -- more user-friendly. When most users put a CD into their computer, they want it to automatically start playing. This same functionality allowed users to quickly install legitimate software from CD-ROMs, and later, DVDs.
However, smart malware authors began exploiting autorun. The function allowed attackers to quickly infect a system by executing a malicious file stored on portable media enabled for autorun -- such as optical discs, network drives and flash drives -- when the file is automatically executed. Today, for security reasons, most client computers have autorun disabled and require users to manually execute files on portable media, whether it's running an installer or playing a music CD. This is not limited to pirated versions of Windows, but pirated versions may be more susceptible to malware since they get security updates, but they might not get upgrades or updates with new functionality.
Old versions of Windows might not allow you to disable autorun, but current versions do (another reason to upgrade or discard legacy Windows systems). Disabling autorun on older systems could potentially affect legacy software that requires a CD in the CD-ROM drive, and require users to manually start some software installations. It's a small inconvenience for users for the sake of improved security, since autorun was abused so widely by malware.
Dig Deeper on Malware, Viruses, Trojans and Spyware
Related Q&A from Nick Lewis
Conficker malware was found in a German nuclear power plant computer system. Expert Nick Lewis explains the possible impact of malware infections of ...continue reading
OneSoftPerDay, an adware program can install backdoors on PCs, is able to avoid detection from antimalware tools. Expert Nick Lewis explains how to ...continue reading
The hot-patching feature in Windows servers is vulnerable to attacks from APT groups. Expert Nick Lewis explains what hot patching is and how to ...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.