Information
This policy setting sets the default behavior for Autorun commands. Autorun commands are generally stored in autorun.inf files. They often launch the installation program or other routines.
The recommended state for this setting is: Enabled: Do not execute any autorun commands
Prior to Windows Vista, when media containing an autorun command is inserted, the system will automatically execute the program without user intervention. This creates a major security concern as code may be executed without user's knowledge. The default behavior starting with Windows Vista is to prompt the user whether autorun command is to be run. The autorun command is represented as a handler in the Autoplay dialog.
Solution
To establish the recommended configuration via configuration profiles, set the following Settings Catalog path to Enabled: Do not execute any autorun commands
Administrative Templates\Windows Components\AutoPlay Policies\Set the default behavior for AutoRun
Impact:
AutoRun commands will be completely disabled.