The move aims to limit the number of AutoRun infections, with the feature itself now an inseparable part of every modern and modular malware bot.
According to Microsoft's data, Win32/Autorun remains within the most popular malware families, with Windows XP users more likely to experience such an infection, compared to Windows 7 users.
A similarity all of these worms share is a common propagation method. They all abuse the autoplay feature of Autorun, many by creating or manipulating Autorun.inf files on network drives and removable media, so that when a user connects, the malware is automatically executed on their system. On average in 2010, about 9% of Windows 7 Security Essentials users reported seeing one of these families at least once per month in comparison to 13% of Windows XP users. In other words, a Windows XP user was 43% more likely to report one of these Autorun detections in any given month in comparison to a Windows 7 user..