The autorun function was abused by spyware and malware creators shortly after its debut many years ago. It was intended to make non-hard disk drives — particularly optical drives and thumb drives, more user friendly. When most users insert a CD into their computer, they want it to automatically start playing. This same functionality allowed users to quickly install legitimate software from CD-ROMs, and later, DVDs.

Unfortunately, smart spyware authors began exploiting the autorun feature. The function allows attackers to quickly install malware on a system by executing a malicious file stored on portable media such as a thumb drive that is enabled for autorun.  Such media susceptible to the autorun issue includes as optical discs, network drives and flash/thumb drives.  Today, for security reasons, many client computers have autorun disabled and require users to manually execute files on portable media, whether it’s running a software installer or playing a music CD. This is not limited only to pirated versions of Windows.  However, pirated versions may be more susceptible to spyware since they get security updates, but they might not get upgrades or updates with new functionality.

Older versions of Windows might not allow you to disable the autorun function, but current versions do (another good reason to upgrade or discard older Windows systems). Disabling autorun on legacy systems could potentially affect older software that requires a CD to be in the CD-ROM drive, and require users to manually start certain software installations. It’s a minor inconvenience for users for the sake of improved safety and security, since autorun was abused so widely by spyware and malware.  Go here for information on how to disable autorun.