AnsweredAssumed Answered

105171 Windows Explorer Autoplay Not Disabled for Default User

Question asked by John Forth on Oct 24, 2017
Latest reply on Dec 8, 2017 by James McCord

We have a question about this QID.  Our organization already has AutoRun disabled via GPO in HKLM and HKCU.  Is this QID specifically targeting HKUsers\.Default?


If so, how have others resolved this?  HKU\Default is the built-in system account for Windows and not affected by GPO. Or is setting it appropriately in GPO for Machine and User enough?


Is it a false detection in the event a scan is done when no user is logged on to the machine at the time of the scan done by our Vulnerability Management Team?


Thanks in Advance!