746184bf-3f96-4365-8bb4-c7abf8a772ac
Allowing AutoRun commands to execute may introduce malicious code to a system. Configuring this setting prevents AutoRun commands from executing.
Via GPO:
Under Computer Configuration / Administrative Templates / Windows Components / Autoplay Policies / Set the default behavior for AutoRun: Enable - And Select "Do not execute any autorun commands" under "Default Autorun Behavior"
STIG: Server: 2016 - https://www.stigviewer.com/stig/windows_server_2016/2019-01-16/finding/V-73547
Server 2019 - https://www.stigviewer.com/stig/windows_server_2019/2020-06-15/finding/V-93375
Desktop https://www.stigviewer.com/stig/windows_10/2021-03-10/finding/V-220828
Disabling Autorun by GPO: https://www.techrepublic.com/article/how-to-disable-autoplay-and-autorun-in-windows-10/
NIST 800-171: 3.4.6 3.4.7
NIST 800-53 Rev4: CM-7(2)
CMMC Level 2: CM.2.062
CMMC Level 3: CM.3.068