I think most of you know those USB sticks that install themselves plug-and-play (automatically) and they also auto-install a cd-rom driver to use it’s autorun.
This autorun is then used for a system-tray icon and/or a config dialog.
This is quite dangerous, because the .exe file can be overwritten, with a virus for example. So by just plugging it in a pc, ANY .exe that you overwrite it with will launch.
This can be useful for personal usage (when you created a piece of software) but it can easily be abused.
A team of reporters for a tv show here in the Netherlands created a fake virus, with just a kind of stat-counter in it and put it on several of those usb sticks. Then they dropped them on the floor at some government buildings and banks and waited for somebody there to put in in a pc. They got what they wanted, one-fourth of the sticks were used in a pc. Big fail…