Autoplay was a security hole on older versions of Windows, but can I trust newer version like Windows 8 or 10 to insert USB stick without turning autoplay off?
-
We should consider a distinction in device types. a) Storage, i.e. a CD, DVD, or an actual USB flash drive which can have malicious data loaded onto it. b) Advanced devices, i.e. a USB keyboard, or tricky inconsistent mechanism, which just looks like a flash drive but has programming within. **So** Point b applies to untrusted **hardware** and is much harder to thwart, but point a applies to untrusted **data** loaded onto any device, even one you loaned out. – 700 Software Dec 11 '15 at 22:34
-
Related question: [Is there any way to safely examine the contents of a USB memory stick?](http://security.stackexchange.com/q/103088/27444) – 200_success Dec 12 '15 at 04:21
5 Answers
The difference in modern version of Windows is that Autoplay is off by default, but it is still available and can be enabled. However, if you do not know the current Autoplay configuration of a Windows machine, you should check it before inserting a suspect stick.
- 15,394
- 37
- 62
-
5Checking that autoplay is off will protect you from malicious data media (e.g. a malicious cd/dvd), but a hostile USB device can do a lot of interesting things without autoplay. – Peteris Dec 11 '15 at 19:37
-
How would one check this? If someone comes here and reads this answer, I don't want them to give up and do it anyway because finding the setting is too difficult. – Ky - Dec 11 '15 at 19:52
-
@BenC.R.Leggiero, Google is your friend: http://www.thewindowsclub.com/set-autoplay-defaults-windows-10 – Broots Waymb Dec 11 '15 at 22:44
-
@DangerZone Google brought me here :P - Also, the link you provided just seems to be telling Windows to "Open a folder or play an audio/video file". I'm not sure this is the same kind of AutoPlay we're talking about? – Ky - Dec 14 '15 at 18:06
Although you ask specifically about Autoplay, I take your question more generally to be;
Can I trust newer operating systems like Windows 8 or 10 to [protect me when I] insert a USB stick?
To which I answer, NO, you can not trust any operating system to protect your computer from any USB of unknown origin. You should not plug in any untrusted USB into any computer if you are afraid of compromise. As @sebastian pointed out, there are USB devices that can physically harm your PC without autoplay, and there are also devices such as Rubber Ducky which can 'pretend' to be a keyboard and then type malicious commands (drop payloads) onto your machine. So not having autoplay on does not make you safe from viruses/malicious-code on usb sticks.
- 445
- 2
- 13
In addition to n00b's answer above, I'd like to point out that autoplay is only disabled by default for removable devices. If you can reprogram the controller (think BadUSB), then you can make a flash drive that tricks the host computer into thinking that the flash drive is really a USB CD drive. There are actually legitimate uses for doing this - for instance, U3 USB drives (https://en.wikipedia.org/wiki/U3) use this to automatically run a launcher program from a read-only partition. (This was actually originally for compatibility with older systems lacking autoplay.)
- 151
- 4
To answer your question literally, an auto played data flash drive will not harm your computer in windows 10.
Provided your windows 10 is up to date and your virus definitions are up to date.
I did this just this morning, and it did not affect my PC.
I scanned and removed the virus with windows defender, then restored the files on the disk to their previous states using attrib command in privileged command prompt.
- 101