Edit: ...and always disable AutoRun after a Windows installation.
Always do ... what? Always attach found USB to a computer running Knoppix from write-only media? Always attach found USB to a computer running a VM? Always attach found USB to a computer running Knoppix from write-only media within a VM? Great.
What protects your BIOS/FW? What protects your hypervisor?
When I want to read a "dangerous" USB stick, I launch my "test VM" in VMware and mount it there. AutoRun is disabled on both the host and the guest OS. Never had any issues in 25 years of Windows computing.
How can mounting a USB stick on an AutoRun-disabled VM affect your host's BIOS? Honest question, I want to know.
Well, I must admit that I don’t know all the possible attack vectors. But as one potentially eye-opening matter, your example of ‘AutoRun’ indicates you are assuming that the device identifies only as a storage class device, and that said storage device contains only a filesystem that is known to Windows.
Don’t lose track of the fact that USB is an acronym for Universal Serial Bus. That device could contain any number of USB endpoints, each implementing a different device class. What if one of the endpoints identifies as a Human Interface Device — for example a keyboard — and injects a number of commands to the system? From the user's perspective, invisibly. Or even deeper, a bridge device, giving it access to the underlying I2C bus - maybe even the SMB?
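The point made above, that a "USB stick" may enumerate as more than a mass-storage device, can be checked before anything is mounted: the device's configuration descriptor lists every interface it offers and the class of each. The script below is an added illustration, not code from anyone in this thread. It walks a configuration descriptor blob, lists the interface classes, and flags a composite that pairs mass storage with a HID keyboard. The two descriptor blobs are constructed for the example; on a Linux host the same bytes come from `/sys/bus/usb/devices/<port>/descriptors` or from `lsusb -v`. The policy in `classify()` is a hypothetical one chosen for the example.

```python
"""Walk a USB configuration descriptor and report the interface classes a
device exposes, flagging storage-plus-HID composites.
Example code, not from the original discussion."""
import struct
from dataclasses import dataclass
from typing import List

DT_CONFIGURATION = 0x02
DT_INTERFACE = 0x04

# Standard USB interface class codes (subset).
CLASS_NAMES = {
    0x01: "audio", 0x02: "cdc-control", 0x03: "hid", 0x06: "image",
    0x07: "printer", 0x08: "mass-storage", 0x09: "hub", 0x0A: "cdc-data",
    0x0E: "video", 0xE0: "wireless", 0xEF: "misc", 0xFF: "vendor-specific",
}


@dataclass(frozen=True)
class Interface:
    number: int
    alt: int
    cls: int
    subclass: int
    protocol: int
    num_endpoints: int


def parse_interfaces(config: bytes) -> List[Interface]:
    """Return every interface descriptor found in a configuration descriptor.

    Each descriptor starts with bLength and bDescriptorType, so the blob can
    be walked without understanding HID, endpoint or vendor descriptors.
    """
    if len(config) < 9 or config[1] != DT_CONFIGURATION:
        raise ValueError("not a configuration descriptor")
    total_len = struct.unpack_from("<H", config, 2)[0]   # wTotalLength
    if total_len > len(config):
        raise ValueError("wTotalLength exceeds supplied data")
    ifaces: List[Interface] = []
    off = 0
    while off + 2 <= total_len:
        blen, dtype = config[off], config[off + 1]
        if blen < 2 or off + blen > total_len:
            raise ValueError(f"bad descriptor length {blen} at offset {off}")
        if dtype == DT_INTERFACE and blen >= 9:
            # bInterfaceNumber, bAlternateSetting, bNumEndpoints,
            # bInterfaceClass, bInterfaceSubClass, bInterfaceProtocol
            n, alt, neps, cls, sub, proto = config[off + 2:off + 8]
            ifaces.append(Interface(n, alt, cls, sub, proto, neps))
        off += blen
    return ifaces


def classify(ifaces: List[Interface]) -> List[str]:
    """Hypothetical policy: what is suspicious on a device that is supposed
    to be 'just a storage stick'? Returns human-readable findings."""
    classes = {i.cls for i in ifaces}
    findings = []
    for i in ifaces:
        if i.cls == 0x03 and i.subclass == 0x01:            # HID boot subclass
            kind = {1: "keyboard", 2: "mouse"}.get(i.protocol, "boot-hid")
            findings.append(f"interface {i.number}: HID boot {kind}")
        elif i.cls == 0x03:
            findings.append(f"interface {i.number}: HID (report-only)")
    if 0x08 in classes and len(classes) > 1:
        others = sorted(CLASS_NAMES.get(c, hex(c)) for c in classes - {0x08})
        findings.append("mass-storage combined with: " + ", ".join(others))
    if 0xFF in classes:
        findings.append("vendor-specific interface (opaque to the host)")
    return findings


def audit(config: bytes) -> List[str]:
    return classify(parse_interfaces(config))


# Constructed descriptor: storage stick that also presents a boot keyboard.
BADUSB_LIKE = bytes.fromhex(
    "09 02 39 00 02 01 00 80 32"   # configuration: wTotalLength=0x39, 2 interfaces
    "09 04 00 00 02 08 06 50 00"   # iface 0: mass storage, SCSI, bulk-only
    "07 05 81 02 00 02 00"         # bulk IN endpoint, 512 bytes
    "07 05 02 02 00 02 00"         # bulk OUT endpoint
    "09 04 01 00 01 03 01 01 00"   # iface 1: HID, boot subclass, keyboard protocol
    "09 21 11 01 00 01 22 3f 00"   # HID class descriptor
    "07 05 83 03 08 00 0a"         # interrupt IN endpoint, 8 bytes
)
# Constructed descriptor: an ordinary single-interface storage stick.
PLAIN_STICK = bytes.fromhex(
    "09 02 20 00 01 01 00 80 32"
    "09 04 00 00 02 08 06 50 00"
    "07 05 81 02 00 02 00"
    "07 05 02 02 00 02 00"
)

if __name__ == "__main__":
    for name, blob in (("badusb-like", BADUSB_LIKE), ("plain stick", PLAIN_STICK)):
        print(name, [CLASS_NAMES.get(i.cls, hex(i.cls)) for i in parse_interfaces(blob)],
              audit(blob) or "no findings")
```

Two caveats worth keeping in mind. Descriptors are self-reported and a malicious device can re-enumerate with a different personality at any time, so reading them once after plug-in is a check, not a guarantee; enforcing a per-interface allow-list at the host (for example with a tool such as usbguard on Linux) is what actually blocks the keyboard interface from being bound. And none of this runs before the OS is up: a device that talks to the firmware during POST is already past this check, which is the BIOS/FW question raised earlier in the thread.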