Microsoft flubs a way to disable AutoRun in XP

Susan bradley By Susan Bradley

Microsoft’s instructions for disabling AutoRun in Windows XP, which I referred to last week, pointed to an incorrect Registry key.

It’s easy to find the correct key, however, and understanding this Registry tweak can give you fine-grained control over the kinds of external media that AutoRun is allowed to work on.

Last week’s Top Story covered Microsoft’s delay in releasing an AutoRun patch for Windows XP and Server 2003. Many people want to disable AutoRun entirely, because when it runs the autorun.inf file that’s often found on CDs, USB drives, and other removable media, your machine can silently become infected. Prior to the patch, Microsoft’s official method for disabling AutoRun could be circumvented by hackers.

Unfortunately, Microsoft’s Knowledge Base article about disabling AutoRun included some misinformation. The document specified a location in the Registry that can be used to disable AutoRun, but the location exists only in Vista. The key is in a different branch of the Registry in XP.

To clarify the process of configuring XP’s AutoRun settings, I’ve created a Web page with screenshots to help explain the steps once and for all.

This article is part of our premium content. Join Now.

Already a paid subscriber? Click here to login.

= Paid content

All Windows Secrets articles posted on 2009-03-12:

Susan Bradley

About Susan Bradley

Susan Bradley is a Small Business Server and Security MVP, a title awarded by Microsoft to independent experts who do not work for the company. She's also a partner in a California CPA firm.