WindowsSecrets has a great article about how to quickly stop these attacks, which can be lethal when injected by flash drives as well as in many other ways besides the obvious tricks.
Most admins think they turned this off already in Drive Properties, or using Vista settings.
Here's what the author said:
I'm no hacker, but I was able in just a few minutes to make an AutoRun file that would run, even with AutoPlay disabled in XP and "take no action" selected in Vista.
The solution? A quick registry change to block AutoRun for all devices all the time.
See the article link above; this is mandatory, IMHO.
As usual, back up the registry before modifying it. If you don't feel comfortable modding the registry, ask somebody else with experience.
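As an added example (not taken from the linked article or from this post), the PowerShell script below backs up the affected keys, then applies two widely documented AutoRun mitigations and reports the state before and after. The choice of settings is an assumption: the `NoDriveTypeAutoRun` policy value and the `IniFileMapping\Autorun.inf` redirect are standard Windows hardening settings, and the page does not say which change the article uses.

```powershell
#Requires -RunAsAdministrator
# Added example. Both settings are assumptions: widely documented AutoRun
# mitigations, not necessarily the change described in the linked article.
$policy = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer'
$iniMap = 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\Autorun.inf'
$sink   = '@SYS:DoesNotExist'   # send Autorun.inf lookups to a nonexistent registry key

function Get-AutoRunState {
    $p = Get-ItemProperty -Path $policy -Name NoDriveTypeAutoRun -ErrorAction SilentlyContinue
    $k = Get-Item -Path $iniMap -ErrorAction SilentlyContinue
    $mapped = if ($k) { $k.GetValue('') } else { $null }   # '' = the key's default value
    [pscustomobject]@{
        NoDriveTypeAutoRun = $p.NoDriveTypeAutoRun
        AllDriveTypesOff   = ($p.NoDriveTypeAutoRun -band 0xFF) -eq 0xFF
        AutorunInfMapping  = $mapped
        AutorunInfIgnored  = $mapped -eq $sink
    }
}

function Backup-Key([string]$PsPath, [string]$Dir) {
    if (-not (Test-Path $PsPath)) { return }               # key absent: nothing to save
    $native = $PsPath -replace '^HKLM:\\', 'HKLM\'
    $file   = Join-Path $Dir (($native -replace '[\\ ]', '_') + '.reg')
    & reg.exe export $native $file /y | Out-Null
    if ($LASTEXITCODE -ne 0) { throw "Backup of $native failed" }
    $file
}

# 1. Record the current state and export both keys before touching anything.
$dir = Join-Path $env:TEMP ('autorun-backup-{0:yyyyMMdd-HHmmss}' -f (Get-Date))
New-Item -ItemType Directory -Path $dir | Out-Null
'Before:'; Get-AutoRunState | Format-List
$policy, $iniMap | ForEach-Object { Backup-Key $_ $dir }

# 2. Disable AutoRun for every drive type (0xFF sets all drive-type bits).
if (-not (Test-Path $policy)) { New-Item -Path $policy -Force | Out-Null }
New-ItemProperty -Path $policy -Name NoDriveTypeAutoRun -PropertyType DWord -Value 0xFF -Force | Out-Null

# 3. Make Windows ignore the contents of any Autorun.inf file.
if (-not (Test-Path $iniMap)) { New-Item -Path $iniMap -Force | Out-Null }
Set-Item -Path $iniMap -Value $sink

'After:'; Get-AutoRunState | Format-List
```

To roll back, run `reg.exe import` on the `.reg` files the script writes to the backup folder; a key that did not exist beforehand has no backup file and has to be deleted by hand.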