It has not been possible to disable this "Autorun" feature sufficiently to prevent infection. You can imagine the "discussion" that the DoD had with the Lads from Redmond. So now there's a patch that fixes this enormous security hole - you know, the one that malware used to infect military computers.
Except it's not a security patch:
Ironically, Microsoft describes the fix as a "non-security update," and it offers this explanation: "In this case, we are communicating the availability of an update that affects your ability to perform subsequent updates, including security updates. Therefore, this advisory does not address a specific security vulnerability; rather, it addresses your overall security."Huh? Classified computers got infected. I-N-F-E-C-T-E-D. But no security fix to see here. Move along, folks.
This episode doesn't pass the sniff test. The fact that they feel the need to spin us speaks volumes about their attitude towards security.