Executive Summary
Summary | |
---|---|
Title | Windows Vista fails to properly handle the NoDriveTypeAutoRun registry value |
Informations | |||
---|---|---|---|
Name | VU#889747 | First vendor Publication | 2008-03-20 |
Vendor | VU-CERT | Last vendor Modification | 2008-04-29 |
Severity (Vendor) | N/A | Revision | M |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:M/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 9.3 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Medium |
Cvss Expoit Score | 8.6 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Vulnerability Note VU#889747Windows Vista fails to properly handle the NoDriveTypeAutoRun registry valueOverviewWindows Vista fails to properly handle the NoDriveTypeAutoRun registry value, which may prevent Vista from effectively disabling AutoRun and AutoPlay features.I. DescriptionAutoRun, which was introduced with Windows 95, is a feature that causes Windows to automatically take an action when a removable media device is inserted. For example, when an AutoRun-enabled CD-ROM is inserted, Windows may automatically execute a program on that disc. This also holds true for U3-enabled USB devices, which emulate a CD-ROM device as well as provide USB mass storage capabilities. These devices can automatically execute code when they are inserted into a Windows system. The AutoRun action can also take place when the user clicks the icon for an AutoRun-enabled device. AutoRun is enabled by default in Windows. AutoPlay, which was introduced with Windows XP, extends AutoRun capabilities to also allow a menu to be presented to the user, which lists actions that the user may take. AutoRun and AutoPlay can be disabled by setting the CDRom Autorun registry value to 0 and also setting the NoDriveTypeAutoRun registry value to 0xFF. The NoDriveTypeAutoRun registry value is directly tied to the Group Policy setting for "Turn off Autoplay."Windows Vista fails to properly handle the NoDriveTypeAutoRun registry value. According to Microsoft's documentation, setting NoDriveTypeAutoRun to 0xFF should disable AutoPlay for all types of drives. However, when this registry value is present, Vista enables some AutoPlay features that may not have been enabled prior to setting that registry value. For example, if NoDriveTypeAutoRun is set to 0xFF, Vista may execute a program specified in the Autorun.inf file when the device icon is clicked. Other values for NoDriveTypeAutoRun may also enable certain AutoPlay features in Vista. Disable AutoRun and AutoPlay in Vista
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionIniFileMappingAutorun.inf] @="@SYS:DoesNotExist" Below are the original workaround settings that we had published. However, disabling the MCN message may prevent Windows from properly detecting when a CD-ROM is changed. Therefore, the above workaround may be more appropriate.
Systems Affected
References
This vulnerability was reported by Will Dormann of the CERT/CC. Some details were provided by Jeff Gennari of the CERT/CC. This document was written by Will Dormann.
|
Original Source
Url : http://www.kb.cert.org/vuls/id/889747 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-94 | Failure to Control Generation of Code ('Code Injection') |
CPE : Common Platform Enumeration
Type | Description | Count |
---|---|---|
Os | 5 |
OpenVAS Exploits
Date | Description |
---|---|
2009-02-02 | Name : Microsoft Autorun Arbitrary Code Execution Vulnerability (08-038) File : nvt/secpod_ms08-038.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
43434 | Microsoft Windows Vista NoDriveTypeAutoRun Auto-Play Bypass |