- Autorun
Autorun or autoplay (sometimes spelled in
CamelCase as AutoRun or AutoPlay) is the ability of many moderncomputer operating system s to automatically take some action upon the insertion ofremovable media such as aCD-ROM ,DVD-ROM , or flash media.Advantages
AutoRun is intended as a convenience feature: software distributed on a disc can automatically start an installer when the disc is inserted.
Disadvantages
Autorun can pose a security threat, when the user does not expect or intend to run the software, such as in the case of some viruses, which take advantage of this feature to propagate, especially on
USB flash drive s.For instance, an attacker with brief and casual physical access to a computer can surreptitiously insert a disc and cause software to run. Alternately, malicious software can be distributed with a disc that the user doesn't expect to contain software at all -- such as an audio
compact disc . Even music CDs from well known name-brand labels have not always been safe, for example, the2005 Sony BMG CD copy protection scandal .Microsoft Windows
AutoRun
In
Microsoft Windows , AutoRun is handled by Explorer.A CD can contain an file, named
Autorun.inf
, in itsroot directory which contains instructions for what action to perform as the CD is inserted. These instructions can include, for example, a command for aninstallation program to be executed.Traditionally, AutoRun could be bypassed by holding down the keypress|Shift key as the optical disc is inserted into the
optical disc drive . However, this is no longer true starting with Windows Vista.AutoRun can be permanently disabled by setting the "AutoRun" subkey in the
Windows Registry keyHKEY_LOCAL_MACHINESystemCurrentControlSetServicesCDRom
to 0. It is important to note however that this setting actually disables optical media events completely, affecting not only AutoRun but the entire system. This setting should not be used without careful consideration, as it often does not produce the desired behavior.Main options:
* open=binary : executes the binary
* open=Start nonbinary : open the nonbinary file with Windows default program
* label=My data : show the label
* Icon=icon_resource : Changes the drive's icon (from ico or exe file)On-click autorun
It is also worth noting that even when Autorun is disabled, executing default Explorer context menu command, usually done by double-clicking or pressing Enter, to a drive containing
Autorun.inf
in its root directory will still activate AutoRun, if Explorer determines the drive type is capable of AutoRun. This is used by viruses spreading on USB flash drives (virus is executed not when a USB drive is inserted, but when a user clicks on drive's icon in "My computer").There is a way to disable on-click autorun, although this method disables it both for CD/DVD disks (where it can be useful sometimes) and for USB flash drives (where it is almost nothing but a security threat). [http://nick.brown.free.fr/blog/2007/10/memory-stick-worms.html]
An alternative, available from Windows 2000, is to use the group editor to turn off autorun / autoplay for both insertion and Explorer's "on-click" / double-click handling of data CD/DVD's. [http://www.tweakxp.com/article36681.aspx]
1. Start -> Run -> gpedit.msc 2. Computer Configuration -> Administrative Template -> System 3. Double click subkey "Turn off Autoplay" and enable it.
To quote Microsoft [gpedit dialog box on XP Pro/SP2] :
Turns off the Autoplay feature. Autoplay begins reading from a drive as soon as you insert media in the drive. As a result, the setup file of programs and the music on audio media start immediately. By default, Autoplay is disabled on removable drives, such as the floppy disk drive (but not the CD-ROM drive), and on network drives. If you enable this setting, you can also disable Autoplay on CD-ROM drives or disable Autoplay on all drives. This setting disables Autoplay on additional types of drives. You cannot use this setting to enable Autoplay on drives on which it is disabled by default. Note: This setting appears in both the Computer Configuration and User Configuration folders. If the settings conflict, the setting in Computer Configuration takes precedence over the setting in User Configuration. Note: This setting does not prevent Autoplay for music CDs.
It should be noted that this setting does not prevent Autoplay for any removable drive that happens to have a
partition formatted withCDFS , as Windows will assume there must be a copy-protected Audio CD somewhere and turn over full rights to the machine, as per theDMCA .Microsoft also provides a facility to restore Autoplay settings to their defaults, downloadable as the Autoplay Repair Wizard. [http://www.microsoft.com/downloads/details.aspx?familyid=C680A7B6-E8FA-45C4-A171-1B389CFACDAD] ----
How Explorer recognizes AutoRun capability
Autorun can be disabled using the group policy editor
gpedit.msc
.This method, although, doesn't prevent all "on-click" autorun/autoplay behavior (see the discussion above).Finally, AutoRun can also be disabled by the program that controls the foreground window by handling the "QueryCancelAutoPlay" Window message. See the
Microsoft documentation for more details.As shown belown, there are also easier (Windows) OS specific methods.
Windows XP
The registry value
NoDriveTypeAutoRun
at the registry keyHKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesExplorer
can be used to disable AutoRun:Changes to this value do not require any system or explorer restart as long as the registry editing is done by any method except the manual regedit method.
This method, although, doesn't prevent "on-click" autorun.
Windows 9x/Me (?)
Explorer uses registry key
HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesExplorerNoDriveAutoRun
to determine which drives cannot use AutoRun. Bit 0 corresponds to drive A:, bit 1 corresponds to drive B:, and so on.The registry value
NoDriveTypeAutoRun
at the registry keyHKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesExplorer
can be used to disable AutoRun. The value should be hexadecimal 95 if AutoRun is enabled on all CDs, or B5 if disabled for CDs. (To test AutoRun on a floppy disk, this value should be set to 91). The system needs to be rebooted for a new value to take effect.After altering AutoRun capability flags, the changes take effect after restarting Explorer.If either NoDriveTypeAutoRun or NoDriveAutoRun specify that AutoRun should be disabled for a drive, then it is disabled for that drive.
ample autorun.inf file
[autorun] ;ShellExecute=index.html icon=foobar.ico action=Foo Bar [This makes a standard autorun.inf file recognized when right clicking a
USB flash drive . Alas, the drive still wouldn't be launched automatically (for that functionality, see Sample USB-ready autorun.inf file).] shell=doubleclick.exe shellconfigure=&Configure... shellconfigurecommand=setup.exe shellinstall=&Install... shellinstallcommand=setup.exe ShellOption1=Text1 ShellOption1Command=option1.exe ShellOption2=Text2 ShellOption2Command=option2.bat label=My backup dataample USB-ready autorun.inf file
In
USB flash drive s, the autorun.inf file needs to be a little different in order to be launched automatically - instead of the "open=" command, it must use "Label=", "shellexecute=" and "UseAutoPlay=1": [autorun] ;open=foo.exe bar ShellExecute=foo.exe bar Label=Label of flash drive UseAutoPlay=1AutoPlay
AutoPlay is the name of a different feature in Microsoft Windows. For example: When AutoPlay is enabled, and the user inserts an audio CD,
Windows Media Player automatically commences playback (alternately, the disc's contents are automatically displayed inWindows Explorer ). As with AutoRun, this feature can be disabled. UnderWindows XP , there is a tab called AutoPlay in the drive properties dialog where one of four different behaviors can be chosen ("Play", "Open folder to view files", "Take no action" and "Prompt me each time to choose an action").The method described above only works for drives that are permanently mounted. It's possible to prevent the AutoPlay feature from searching a removable storage device for something to run every time it's plugged in. This is accomplished using "TweakUI", a utility developed by Microsoft programmers for editing various portions of the operating system without resorting to the registry. In
TweakUI , select "My Computer," then the sub-category "AutoPlay" then "Drives." Disabling all the drives will disable autoplay entirely.Windows Vista offers a control panel applet to configure AutoPlay settings globally. However, holding down the keypress|Shift key opens AutoPlay regardless of the default setting in Windows Vista. [ cite web| url=http://windowshelp.microsoft.com/Windows/en-US/Help/7e1fe788-0747-4e00-895b-c3461b1ddd971033.mspx#E3H| title=AutoPlay FAQs| publisher=windowshelp.microsoft.com]Xfce
Xfce 's file manager,Thunar , contains Volume Management settings, through which the user can make Xfce:
* automount and/or browse removable media when hot-plugged or inserted.
* run programs or open files on new drives and media.
* start a recording program when a blank optical disc is inserted.
* play multimedia on CD, Video CD, DVD, or portable music players.
* import photos from digital cameras and/or sync with handheld computers when connected.
* run a program when a printer, a USB keyboard, a USB mouse, or a graphics tablet is connected.Tools
* [http://www.indigorose.com/autoplay-media-studio AutoPlay Media Studio]
* [http://www.longtion.com/autorun/autorun.htm Autorun Pro]
* [http://www.autorun.com Autorun MAX!]References
External links
* [http://msdn2.microsoft.com/en-us/library/bb776825.aspx MSDN: Enabling and Disabling AutoRun]
* [http://msdn2.microsoft.com/en-us/library/bb776823.aspx MSDN: AutoRun.inf Entries]
* [http://appexp.sourceforge.net Autorun application (open-source)]
* [http://www.phdcc.com/shellrun/autorun.htm Autorun]
* [http://rjlsoftware.com/software/utility/autorun/ Autorun Wizard]
* [http://www.dailycupoftech.com/usb-drive-autoruninf-tweaking/ USB Drive Autorun.inf Tweaking]
* [http://www.tweakxp.com/article36681.aspx GPEdit disable autoplay.]
* [http://www.microsoft.com/downloads/details.aspx?familyid=C680A7B6-E8FA-45C4-A171-1B389CFACDAD Microsoft Autoplay Repair Wizard download.]
Wikimedia Foundation. 2010.