From a security perspective, yes, autorun is diabolical.

However, from an end user perspective, (and by that I mean those that use computers outside the IT industry) it used to be a god send.

Unfortunately many (most?) non-IT people really don't have a clue what to do with a new disc... Many still don't.

If the computer doesn't do anything when they insert their disc I've had users return them (both discs and drives) as "broken", when the reality was, autorun was disabled.

It's always a balancing act between security and user stupidity.

Unfortunately many of the features that make it really easy to use a computer, also present an unhealthily large attack surface :(

You need to load all the very latest Microsoft patches for your computer, including a fix for the disable-autorun feature sometimes letting autorun run after all, and I think a fix for the recent "Just looking at the folder contents in Windows Explorer harms your computer" vulnerability. And, yes, current anti-virus. Also, patch PowerPoint itself. Or... can you use OpenOffice? Not that it's totally safe either... and then you probably have to patch Java...

I saw a test of sample boxes of generic SD cards, 30 per box, from China. In a typical box 2 were formatted Fat32, 1 was completely dead, and 2 were infected with a virus and an autorun file. The remainder were formatted FAT16 and tested OK. The variety suggests an "irregular" origin too.

Obviously auto run needs to be killed. Most virus checkers will scan a new SD or other card plugged in automatically.

Sleeping with STD ridden whores will get you infected eventually no matter if you use condoms. Antivirus gives false sense of security. People need to learn and change their habits, not to stay ignorant and ask for more protection from themselves.

Two solutions in fact:

(1) Microsoft issues a patch that alters registry settings to defeat autorun by default;

(2) Businesses sysadmins should roll out the registry fix centrally, even before the patch becomes available.

I agree totally with bigger_luddite: autorun was a hostage to fortune from the very start, and should never have been a default. I am astonished that even with the benefit of hindsight, it is still the detault for latest Windows versions.

I have to use my own laptop computer for student MS Power Point presentations. As you can imagine I am not overly thrilled by the idea. I have created a general user account with auto-run turned off. I have also used the Parental Control feature to lock out this account from all programmes except MS Power Point. Will this protect my computer? If not, could someone please advise me what actions need to be taken to effectively secure my laptop? Thank you for your help.

Is there a way to scan your usb flash drives to clean them?

Making it the default, even stupider. Just the annoyance of having programs launch when inserting a CD is so far beyond ordinary stupidity that it could only have been deliberately done by the evil dimwits at M$.

If it's important to protect your systems, it's important to buy only truly secure USB Flash drives. SPYRUS makes drives that can be locked down to one or more PCs, so that they cannot be used outside of your organization. They also will prevent unauthorized flash drives from mounting. Finally, they are designed and manufactured in the USA in secure facilities using controlled parts, so that you don't need to worry that <insert has inserted a kill switch to be triggered when the cyberwar starts.

Data containment is what it's all about.