Autorun

The AutoRun technology is a Windows® feature Microsoft introduced in Windows 95. It allows Windows Explorer to automatically launch programs from inserted storage drives and other media. Its command is rooted into the applications and can’t be edited by users.

The AUTORUN.INF text file, used for both the AutoRun and AutoPlay features, is placed in the root directory of a volume or storage drive to launch specific applications, such as installation of files. Cybercriminals abuse this technology by using worms that propagate through physical, removable, and network drives and by leaving a file named AUTORUN.INF. This file is used to automatically execute malware each time the infected drive is accessed.

The AutoPlay feature was updated in Windows 7 to address this issue by removing the ability to automatically launch programs from non-optical media such as USB drives.