What is it?

USB U3 technology allows a user to run applications from a USB thumb drive instead of requiring installation on the computer. When the thumb drive is removed, all files and registry keys used by the application are removed from the PC, enabling portable application use.

How does it work?

The U3 technology makes the thumb drive appear as two separate devices on the machine it's plugged into: one is the thumb drive itself, and the other device appears to the computer to be a standard CD-ROM. In this way, the application launcher can use the autorun capability when the drive is inserted. Unfortunately, this also allows anyone to rewrite the CD-ROM image with an alternative image and run any code.

Should I be worried?

There is a thumb-drive-based hacking tool under development that anyone can download and place on a U3-capable USB device.

How can I prevent it?

Turn off autorun for all CD-ROM devices. Additional mitigation can be done by third-party programs that enforce security policies for physical devices. Some of these programs can also combat information theft via removable devices by shadow-copying any data transferred to thumb drives to a secure datastore for assessment by network administrators.