Virus' in AutoRun on USB data storage devices

[bawldiggle]

I don't have a problem, but my curiosity is piquied, because I use several external USB HDDs including one thumb-drive I share between Linux and Windows machines.

How would I know a USB storage device has a "Shortcut Virus" before it causes problems ?
- by jumanji at http://www.sevenforums.com/hardware...ut-only-shortcut-post3209297.html#post3209297

Jumanji's tip "keep the Shift key pressed for a while so that any "autorun" initiated by the shortcut virus ( if there is one) does not run" ... is very interesting.

I thought "AutoRun" on external USB drives in Win7 and later has been discontinued by Microsoft ?
- the only disks that can/do use autorun are bootable drives and movie disks etc but not data storage devices(?)

I would appreciate any clarification, thank you

 

[Alejandro85]

The autorun vulnerability is in fact present in Windows 7, unfortunately. And as far as I know, it was never removed and even Windows 10 is also affected.

If memory serves, autorun is disabled by default for USBs in Win7, but still enabled for CDs. I think Win8 also disables it by default altogether (not sure though), but the "feature" itself is present and can always be enabled.

Any drive is subject to this, its contents don't matter at all. CD/USB/HD, pretty much everything can be used to exploit this, the only requirement is an "autorun.ini" file in the root of the drive, and it will be run without asking.

The shift key may sound handy, but it's a disaster waiting to happen, it's trivially easy to just forget to press it every time you plug a pendrive or insert a CD. I find this more useful as a convenience shortcut to avoid loading an unwanted program just one time, but it's definitely not a security feature.