Published: 2009-01-22T02:35+00:00
Last Updated: 2009-03-01T01:57+00:00
JVNTR-2009-03
Microsoft Windows Does Not Disable AutoRun Properly (TA09-020A)
Overview
Disabling AutoRun on Microsoft Windows systems can help prevent the spread of malicious code. However, Microsoft's guidelines for disabling AutoRun are not fully effective, which could be considered a vulnerability.
Event Information
| Date (UTC) | Description |
| 2009-02-24 19:23 |
Microsoft Microsoft Security Advisory (967940): Update for Windows Autorun The update corrects an issue that prevents the NoDriveTypeAutoRun registry key from functioning as expected. |
| 2009-01-21 04:42 |
US-CERT TA09-020A: Microsoft Windows Does Not Disable AutoRun Properly Via US-CERT Mailing List |
| 2008-09-11 |
Microsoft KB953252: How to correct "disable Autorun registry key" enforcement in Windows (Revision: 3.0) This article describes how to obtain updates that correct these (AutoRun features) registry key settings. |
| 2008-04-24 23:12 |
US-CERT The Dangers of Windows AutoRun Investigation report of the Microsoft AutoRun and AutoPlay features A few months ago, reports of infected digital picture frames hit the media. I was curious about how the malicious code was being executed, so I began investigating the Microsoft AutoRun and AutoPlay features. |
Other Information
| CVE |