Monday, September 24, 2007

Autorun is hazardous to your health

Steve Riley of Microsoft has a good post here on why you should turn off Autorun, which is the function for the computer to take automatic action if you insert a DVD or CD.


Why is this a bad thing? Basically if a bad guy (or gal) installs a virus on the CD, your machine will run it automatically - thus compromising your machine.

Steve provides some instructions to turn it off in Windows (XP and Vista). Not to steal my own thunder, but this is one of the simple configuration changes I'll be instructing you to make on your own machines (both Windows and Mac). This is in Step 2 of the Security Mike Guide.

Just in case you aren't sold, some of you may remember a few years back when Sony got into big trouble for installing a "rootkit" as part of their digital rights management on some audio CDs. Once you popped the CD in, your machine was compromised and it took a few steps (including tuning the registry) to clean it up. I fell for that once myself.

Turn off Autorun. Do it right now.

No comments: