Hi, this is Will Dormann of the CERT/CC Vulnerability Analysis team. A few months ago, reports of infected digital picture frames hit the media. I was curious about how the malicious code was being executed, so I began investigating the Microsoft AutoRun and AutoPlay features. AutoRun, which was introduced with Windows 95, has two primary behaviors: For certain device types, such as CD-ROM drives,