If you plug a USB drive into Microsoft Windows, in many cases it will try to do things “for you” with the drive. Not a great idea. There could be malware lurking on that USB drive.

There are a couple of things you can do to help mitigate the issue. These tips assume Windows 11.

Turn off Autoplay

  • Open Settings. Press Windows + I to open the Settings app.
  • Go to Bluetooth & devices. In the left sidebar, click on “Bluetooth & devices.”
  • Select Autoplay. Scroll down and click on “Autoplay.”
  • Turn Off Autoplay. You’ll see a toggle switch labeled “Use Autoplay for all media and devices.” Turn this off.

This will turn it off completely. You can, if you want, make individual settings for different types of devices.

Deny Execute Access (Pro or Enterprise versions of Windows 11)

  • Open Group Policy Editor. Press Windows + R, type gpedit.msc, and press Enter.
  • Navigate to the Removable Storage Access Policies. Go to Computer Configuration > Administrative Templates > System > Removable Storage Access.
  • Modify Policies. You can enable the policy “Removable Disks: Deny execute access” to prevent execution from removable drives.
  • Apply and Reboot.

Note, there are some cases where you may want to execute scripts or programs from a removable drive. If that’s the case, you may not want to do this, or make a note of it so you can re-enable if needed.

  • @tomalley8342@lemmy.world
    link
    fedilink
    21 month ago

    That seems to be the opposite of what the others are saying: https://en.wikipedia.org/wiki/Autorun.inf#Inf_handling

    Windows 7, Windows 8, Windows 8.1, Windows 10

    For all drive types, except DRIVE_CDROM, the only keys available in the [autorun] section are label and icon. Any other keys in this section will be ignored. Thus only CD and DVD media types can specify an AutoRun task or affect double-click and right-click behaviour.[9][10]

    • dual_sport_dork 🐧🗡️
      link
      fedilink
      41 month ago

      Malicious actors are getting USB drives to autorun somehow. If they’re not using built in Windows capabilities, they’re engaging in shenanigans emulating HID inputs over USB or something.

      All I know from personal experience is that modern Windows will not autorun a CD anymore, even though up until XP it would.