It works by injecting an autorun.inf file into your USB flash drive which automatically executes an infected exe file. So the malicious file will be executed straight after you plug your USB in. So if you don’t have an antivirus, then bad luck for your poor computer!
The famous Conficker worm also uses this same method to spread its venom.
This change will be implemented in the upcoming release of Windows 7 RC on 5th May (unless if you’ve already downloaded and installed the leaked version ;))