Ya, the method CERT recommends is the one that Ben detailed in his follow-up.
http://www.us-cert.gov/cas/techalerts/TA09-020A.html - Andy O. >-----Original Message----- >From: Kim Longenbaugh [mailto:[email protected]] >Sent: Thursday, January 29, 2009 9:23 AM >To: NT System Admin Issues >Subject: RE: Malware and USB flash drives (was: Bookmark management >programs) > >I think someone already posted pieces from this alert, but check out the >whole thing from CERT. >"US-CERT Technical Cyber Security Alert TA09-020A -- Microsoft Windows Does >Not Disable AutoRun Properly" ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
