Well, its been a while, but I thought I’d share this little snippet.
Theres a big hoo-ha going round at the minute about a number of viruses that are exploiting autorun.inf to spread.
You can read all the gorey details over at CERT “Microsoft Windows Does Not Disable AutoRun Properly”
Essentially, the recommended fix is to set a registry key. I did read somewhere that this makes windows handle the file as a Win95 ini file but sadly I can’t find the blog/article where I read that anymore.
Approaching this as a sysadmin and wanting to undertake minimal effort to resolve this issue I’ve create a Group Policy adm file to solve apply it to all the machines in an Active Directory domain. I’ve copied the contents below and attached the file to this post.
To use it:
- Create a new group policy object in your AD
- Edit it, right click on the Administrative Templates folder and remove all the default ones listed and add the one below.
- Right click on the Administrative Templates folder and change the view filtering to not hide settings that can’t be fully managed
- Group poicy editor will now display the setting to disable autorun which will set the appropriate registry key
ADM files are just text. You can either download the one below or copy and paste this (watch for the line wrap on the last line!):
» Read the full post