If you have used any computer running Windows within the past 14 years (and who hasn't?), you are probably well aware of the AutoRun feature. Introduced along with Windows 95, AutoRun is a default feature present in every Windows desktop system. The simple concept, putting media in and having the computer automatically run a program on said media has changed little from when it was first introduced. It did eventually morph into two separate features, AutoRun and AutoPlay. The latter was intended to differentiate between content found on a CD, DVD or other removable media, and prompt you with a default action to choose from. What started as a good idea did eventually bring Microsoft a lot of slack, with people blaming infected computers and numerous other issues on this stock feature.
Infection Detections of Malware that Spread via AutoRun
Microsoft has admitted that malicious software are using AutoRun
as a vector for infection, and thus newer versions of Windows (starting with 7) will not feature it for all removable media. Detachable hard drives, USB/thumb drives, rewritable CDs and DVDs and other “generic” mass storage devices will no longer use AutoRun by default. The idea is to reduce the chance of a machine getting infected by plugging in media you aren't sure of.
The commonly known AutoRun feature will be retained for read-only optical media, such as CDs and DVDs, claiming that those are seldom used as a transmission medium for malware or viruses. This may seem like a minor change, but it does represent a fundamental change in the way Microsoft developers are seeing security threats.