.What is "Autorun.inf"?:
"Autorun.inf" is a file that is primarily used on CD's containing information basically on what to do when a new CD is entered into the drive. The type of information that this file can contain, to the best of my knowledge, is an icon to display for the drive, and executables to run, the executable can actually be broken down by platform if needs be.The vulnerability exists because the autorun.inf file does not apply only to CD drives, or even removable media. Actually, this file can be placed on any drive, with exactly the same effects (a refresh of the drive list may be in order). I"ve used it to place cute little icons on my drives. If no icon is specified, the system default icon for that drive is used."
The vulnerability is that it is somewhat arbitrary for a programmer to throw together a small executable that checks the current user, and possibly that user"s permissions on the local machine. This executable could be a file that detects user privileges, and if the user does not possess administrative privileges, then it invokes Explorer on that directory to open the directory like normal. If administrative privileges are possessed, then it can invoke some other executable, such as a trojan horse virus, or it could itself be a trojan horse which implements whatever it"s little virus heart desires, such as promoting privileges on the originating user.
When an administrator logs on locally, they may double click that drive (it can be done to all of them), and run the malicious executable, with out their knowledge.
ScreenShot of Autorun.inf virus:
If a USB device is attached,MoSo Anti-Malware will scan first to block potentially autorun.inf virus threats:
If found a autorun virus, the user is immediately alerted and can prevent the malware running: