Vulnerability Development mailing list archives

Re: What about NT's AUTORUN Vulnerability!

From: Ian Kayne <Ian.Kayne () SOFTLAB CO UK>
Date: Thu, 15 Feb 2001 09:38:06 -0000

Under Win2k, this is a security policy. Find it by going Computer Policy -
User Configuration - Administrative Templates - System - Disable Autoplay.
Options are to disable on CD drives or all drives.

For the non-MMC minded, you'll need to add the "Local Computer Policy"
snapin to a new console.

You can ofcoz roll this out through AD OU policy templates.

Ian Kayne
Technical Specialist - IT Solutions
Softlab Ltd - A BMW Company

-----Original Message-----
From: Samuel festus Stover [mailto:sstover () VISTO COM]
Sent: 14 February 2001 13:31
To: VULN-DEV () SECURITYFOCUS COM
Subject: Re: What about NT's AUTORUN Vulnerability!

Is this registry entry for WinNT or Win2k?  I checked my
Win2k box and didn't have the explorer key in policies.

S. festus

Blame is for God and small children.
Dega/"Papillon"

FYI.... The best way I've found to secure yourself from this

is to set:

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer

NoDriveTypeAutoRun = 7f

This turns autorun off for ALL drive types.




______________________________________________________________
_____________
Visit http://www.visto.com/info, your free web-based
communications center.
Visto.com. Life on the Dot.



********************************************************************
This email and any files transmitted with it are confidential and
intended solely for the use of the individual or entity to whom
they are addressed.

If you are not the intended recipient or the person responsible for
delivering to the intended recipient, be advised that you have received
this email in error and that any use of the information contained within
this email or attachments is strictly prohibited.

Internet communications are not secure and Softlab does not accept
any legal responsibility for the content of this message. Any opinions
expressed in the email are those of the individual and not necessarily
those of the Company.

If you have received this email in error, or if you are concerned with
the content of this email please notify the IT helpdesk by telephone
on +44 (0)121 788 5480.

********************************************************************

Current thread:

Re: What about NT's AUTORUN Vulnerability! Nelson Brito (Feb 10)
- <Possible follow-ups>
- What about NT's AUTORUN Vulnerability! Nelson Brito (Feb 10)
- Re: What about NT's AUTORUN Vulnerability! O'Kelly, Aidan (Feb 13)
  - Re: What about NT's AUTORUN Vulnerability! Shoten (Feb 13)
- Re: What about NT's AUTORUN Vulnerability! Loschiavo, Dave (Feb 13)
- Re: What about NT's AUTORUN Vulnerability! Samuel festus Stover (Feb 14)
  - Re: What about NT's AUTORUN Vulnerability! Jesper M. Johansson (Feb 16)
- Re: What about NT's AUTORUN Vulnerability! Loschiavo, Dave (Feb 16)
- Re: What about NT's AUTORUN Vulnerability! Ian Kayne (Feb 19)