AutoRun is the ability for a device, through the use of autorun.inf, to expose a set of tasks for the user to choose upon insertion of new media into the computer. This could be a USB drive, a CD or DVD, a network drive, or any other additions of new media. The user is shown the AutoRun tasks along with other functions via the AutoPlay dialog.
About a decade ago, diskette use started to wane. Machines began to not include diskette drives anymore. And diskette viruses were effectively removed from the malware landscape. Today, USB media have appeared and are taking on the same role. In today’s malware landscape, AutoRun malware has dramatically increased in popularity. The following chart highlights the increase in the number of different malware samples we have come across in our lab that are detected as Worm:Win32/Autorun:
ScreenShot043.jpg [ 79.29 KiB | Viewed 421 times ]
So, due to this rise in malware usage of the AutoRun system, the Windows 7 team has undertaken a dramatic step to block this specific threat.
The new changes will no longer expose the AutoRun entries in the dialog unless it is removable optical media (CD/DVDs). So, if a USB drive is inserted into a machine, the AutoRun choice will no longer be shown. In addition, changes have been implemented to help clarify actions about to be undertaken by the AutoPlay dialog Continued @ Microsoft Malware Protection Center