As Microsoft diligently prepares to launch Windows 7 it will be working hard to fix all the holes in the OS before its launch; one hole that has yet to be fixed is an exploit using the auto play feature for USB drives.
The Register reports the exploit works by creating a malicious autorun.inf file and loading it onto a USB peripheral. When a user accesses the auto play menu it may appear that they are only opening a folder on the USB device when they are actually installing malicious software on their computer.
This exploit currently works on both Windows Vista and Windows 7 beta. Microsoft is still developing Windows 7 so there is a good probability that this hole will be patched when the OS launches sometime later this year.