AutoIt Security Implications

[CJakov]

We are planning to use AutoIt as a scripting utility on Windows XP platform.

Is anybody aware of any security implications associated with using AutoIt on Windows OSs?

Thank you.

[evilertoaster]

AutoIT usually just implaments API calls...so in that sense it's as secure as XP itself.... (not saying much)... Installing the inturpiter simply allows you to run .au3 files ( so malacious programs could be in a au3 format instead of say an .exe which is filtered by more anti-virus programs ect)...that's really the only thing to consider..but you could always just not install the intupriter and compile them into .exe anyways

[PsaltyDS]

We are planning to use AutoIt as a scripting utility on Windows XP platform.

Is anybody aware of any security implications associated with using AutoIt on Windows OSs?

Thank you.

To do what, exactly? AutoIT can do horrible things if scripted to do so, but no more so than VBS or a .CMD batch file. AutoIT uses standard Windows APIs and is no more or less secure than they are. I haven't seen anyone point out NEW security problems brought in by using AutoIT, that aren't just a product of the Windows environment it runs in.

Every once in a while Symantec or McAfee start calling out AutoIT files as risks because somebody, somewhere wrote a malicious script using it and the antivirus companies were not careful in creating a new signature for it. Its like calling out all .BAT files as viruses because somebody wrote malicious batch file once. Even worse, sometimes it's just because AutoIT uses some common component like a compression module. There is a whole sticky thread on this.

P.S. I compile all my scripts that run on other machines, so AutoIT is only actually installed on my coding workstation. The .exe files of the scripts all go to a network share and get run from there with nothing new added to the target machines.

Edited April 11, 2007 by PsaltyDS