Autorun is a function of Windows that provides for automatic execution of a program when removable media is inserted into, or attached to, the computer. It can be used for many functions. However, it is currently widely used to spread malware or attack systems simply by getting a user to plug a USB key/jump drive/thumb drive into the computer. More and more, security specialists are recommending that Autorun be disabled on Windows computers as a matter of course.
(Of course, doing that may create additional problems. I did it on one machine, and all of a sudden I can't connect my new digital camera to the computer in order to download the pictures ...)
One way to deal with Autorun is to hold down the Shift key when you connect something to the computer. You have to remember to do it every time, hope your finger doesn't slip, hope it does work in every case, and hope nobody has found an end run around it.
Disabling Autorun seems to be easier said than done. Here is some detailed advice from the Canadian Cyber Incident Response Centre.
Of course, Microsoft has its own advice on how to deal with Autorun. This is at least their second attempt, Knowledge Base 953252. According to the CCIRC, it doesn't always work.
The How-To Geek provides graphical details of Microsoft's Gpedit.msc.
CERT has fairly limited information on Autorun.
tildemark's advice certainly seems easy, but I'm not entirely certain that it is complete.