2cb75d59-8ef3-4fa3-90e1-8bec9e51c703
Allowing autoplay to execute may introduce malicious code to a system. Autoplay begins reading from a drive as soon as you insert media in the drive. As a result, the setup file of programs or music on audio media may start. By default, autoplay is disabled on removable drives, such as the floppy disk drive (but not the CD-ROM drive) and on network drives.
More info: Server: https://www.stigviewer.com/stig/windows_server_2016/2019-01-16/finding/V-73545
Desktop https://www.stigviewer.com/stig/windows_10/2021-03-10/finding/V-220829
Via GPO:
Under Computer Configuration / Administrative Templates / Windows Components / Autoplay Policies / Turn off Autoplay: Enable
https://support.microsoft.com/en-us/help/967715/how-to-disable-the-autorun-functionality-in-windows
Stig Server: https://www.stigviewer.com/stig/windows_server_2019/2020-06-15/finding/V-93377
Stig Desktop: https://www.stigviewer.com/stig/windows_10/2021-08-18/finding/V-220829