Disable USB Auto-Run to Block Malware Entry

15 Minute Security Wins
Disabling USB Auto-Run is a fast, effective way to reduce the risk of malware spreading via infected flash drives. It prevents Windows from automatically acting on a drive's autorun.inf file and launching the program it points to when a USB device is plugged in, a common attack vector in phishing and ransomware campaigns.

Why This Matters

  • Blocks malware from executing automatically
  • Prevents data exfiltration via rogue USBs
  • Reduces insider threat risks in shared environments
  • Aligns with Australian Essential Eight and ISO 27001 controls
  • Zero user disruption once configured

 

How to Disable USB Auto-Run in Windows 11

Method 1: Use Settings App

  1. Press Win + I to open Settings
  2. Go to Bluetooth & devices > AutoPlay
  3. Toggle off Use AutoPlay for all media and devices
  4. Under Removable drive, select Take no action

 

Method 2: Use Group Policy (Pro & Enterprise editions)

  1. Press Win + R, type gpedit.msc, press Enter
  2. Navigate to:
    Computer Configuration > Administrative Templates > Windows Components > AutoPlay Policies
  3. Double-click Turn off AutoPlay
  4. Set to Enabled, choose All drives, click Apply

 

Method 3: Registry Editor (Advanced)

  1. Press Win + R, type regedit, press Enter
  2. Navigate to:
    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer
  3. Create or edit NoDriveTypeAutoRun (DWORD)
  4. Set value to 0xFF to disable Auto-Run on all drives
  5. Restart your PC

 

⚠️ Registry edits can be risky – back up your registry first or stick to the Settings method for safety.
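
A PowerShell check for Method 3, added here as an example and not part of the original article: it reads NoDriveTypeAutoRun, reports which drive types the current value leaves uncovered, and can write 0xFF. The HKLM path, the function names and the drive-type bit table are additions that do not come from the page; the bit meanings follow Microsoft's documentation for this value.

```powershell
# Added example: audit (and optionally set) NoDriveTypeAutoRun.
$ValueName = 'NoDriveTypeAutoRun'
$Desired   = 0xFF   # value from Method 3: Auto-Run off for every drive type
$Paths = @(
    # Path from Method 3: applies to the current user only
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer',
    # Assumption (not on the page): machine-wide equivalent of the same key
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer'
)
# Drive-type bits of NoDriveTypeAutoRun, per Microsoft's documentation
$DriveTypeBits = [ordered]@{
    'Unknown'   = 0x01
    'Removable' = 0x04
    'Fixed'     = 0x08
    'Network'   = 0x10
    'CD-ROM'    = 0x20
    'RAM disk'  = 0x40
    'Reserved'  = 0x80
}

function Get-AutoRunStatus {
    foreach ($path in $Paths) {
        $item = Get-ItemProperty -Path $path -Name $ValueName -ErrorAction SilentlyContinue
        if ($null -eq $item) {
            # Value absent: Windows falls back to its built-in default
            [pscustomobject]@{ Path = $path; Value = 'not set'; Compliant = $false; NotCovered = 'Windows default applies' }
            continue
        }
        $current = [int]$item.$ValueName
        # A cleared bit means Auto-Run is still allowed for that drive type
        $open = @($DriveTypeBits.GetEnumerator() |
                  Where-Object { ($current -band $_.Value) -eq 0 } |
                  ForEach-Object { $_.Key })
        [pscustomobject]@{
            Path       = $path
            Value      = '0x{0:X2}' -f $current
            Compliant  = (($current -band $Desired) -eq $Desired)
            NotCovered = ($open -join ', ')
        }
    }
}

function Set-AutoRunDisabled {
    param([string]$Path = $Paths[0])   # writing to HKLM needs an elevated session
    if (-not (Test-Path $Path)) { New-Item -Path $Path -Force | Out-Null }
    New-ItemProperty -Path $Path -Name $ValueName -PropertyType DWord -Value $Desired -Force | Out-Null
}

Get-AutoRunStatus | Format-Table -AutoSize
# Set-AutoRunDisabled   # uncomment to write 0xFF for the current user (back up the key first)
```

Running the audit again after `Set-AutoRunDisabled` should show `0xFF`, `Compliant = True` and an empty `NotCovered` column for the path that was written.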


At DNG Technology, we’re a small business – just like many of the clients we help. We know firsthand how hard you work to build what you have, and how devastating it would be to lose it. A cyber breach isn’t just a technical issue – it’s personal. And with an average cost per breach of $50,000 for small businesses in Australia, it’s not something anyone can afford to ignore.

We help protect your business by training your team with practical skills, real-world awareness, and everyday habits that stop 95% of the threats you’ll face before they ever become a problem. Then we fill the remaining gaps with proven security strategies, from the government’s Essential Eight to frameworks that make sure you’re covered under Australian privacy law and other compliance requirements.

If you’d like to talk through where your business might be vulnerable, and how we can help fix it, give David or Greg a call on (08) 7078 0310. We’d love to hear your story and see how we can support it.
