Microsoft has released a fix for the AutoRun feature in Windows that enables the automatic execution of some programs. The situation became a serious problem late last year and earlier this year with the emergence of the Conficker worm. Conficker, which has spread rapidly during the last few months, takes advantage of the feature to execute automatically on infected machines. The social engineering trick comes from the first two keywords (Action and Icon) When you put this in a Vista machine with default settings, an Autoplay window will pop up asking you what to do.
Source: https://threatpost.com/patch-windows-autorun-problem-released-022609/72406/