I recently came across a description of a vulnerability in Windows’ USB device drivers that allows someone to plug a USB device into your computer and cause the Windows operating system to execute arbitrary code.
This is the stuff that Spys live for, imagine this:
Our agent infiltrates the facility impersonating someone from the cleaning personal, goes to your Windows desktop, plugs his custom made USB device, waits for the green light confirmation from the USB device, and unplugs the USB device.
Nothing is left behind, nothing is traceable back to who did it. During this infiltration the USB device causes a buffer overflow in the Windows’ kernel, causing it to download and execute an information gathering backdoor on your computer.
This is no longer a thing of dreams: http://www.eweek.com/article2/0,1895,1840141,00.asp