After installing Windows, I always disable all of the auto-run features on all of the drives. This one action alone will protect you from half of the malware out there.
Go to the control panel. In Windows 7 there is a icon for “AutoPlay”. Open that up, and turn all the autoplay options to “Take no action”. Here is what it should look like when you are done:
You really don’t want the computer automatically running anything when you put media in. It is an infection waiting to happen. Someone says: “Here, my slides are on this thumb drive” and the next thing you know there is a virus on your computer. Instead, if I really want to run something, I double click on the file. How many times do I need to do this? About once a year. The danger of automatically running something you didn’t want run is far greater than the convenience of eliminating the double click when I do want to run something.
It is really rather unconscionable that Microsoft ships the operating system with this ‘feature’ enabled. Clearly, for unsophisticated users, it is nice to be able to just tell them to plug the memory or the disk, and everything will be automatic. But this is simply too nice for hackers and it is dangerous. Newer versions of windows puts some limitations on autorun, but it depends upon the OS accurately identifying the nature of what it is going to automatically run, and that is just not good enough for me.
LifeHacker says “According to a biannual Security Intelligence Report from Microsoft, AutoRun—the feature in Windows that automatically executes files when you plug in a USB or connect to a network — accounts for almost half of all malware infections. That’s really damn high.”
ThreatPost says “Worms that jump directly from removable media such as USB drives as soon as they are connected to a PC can cause some major trouble, spreading quickly through a network. ” June 2013.
I just completed the security update training at my company. It mentioned that you should never put a memory thumb drive from an unknown source (e.g. something found laying around) into your computer. That is good advice, but it does not go far enough. You should disable autoruns, so that if someone else plugs a thumb drive into your computer, it can not automatically infect your computer.
Screen Lock doesn’t help either. It is ironic: you think that your computer is locked because the screen is locked. But this does not prevent someone from plugging in a USB device. Don’t walk away from your locked computer!
After this brief safety warning, we will return to our regularly scheduled content. Thank you for your patience.