They work in a similar to the floppy worms years ago in automatically spreading. As a best practice, users should lock down CD, DVD, and USB devices so that they don't automatically run content where applicable. Keeping AV protection up-to-date is also needed based on the increased levels of malware attacks which are surfacing.
Harry Potter worm - New USB based Worm spreading
QUOTE: Hackers are attempting to exploit Potter-mania with the release of a worm that attempts to infect USB memory drives. The Hairy-A worm poses as a file containing a copy of Harry Potter and the Deathly Hallows, the eagerly-anticipated final novel in the Harry Potter series, due out on 21 July. The infected file normally comes on infected USB drives. If users plug these drives into their Windows PCs they are liable to infect their machines, especially if they have allowed USB drives to "auto-run".
Hairy.A Worm - Sophos Press Release and Virus Info
QUOTE: With just weeks remaining until the release of the last ever Harry Potter novel, and the imminent premiere of the fifth movie in the franchise, Sophos has warned of a new computer worm exploiting Potter-mania around the world. The W32/Hairy-A worm can automatically infect a PC when users plug-in USB drives, which carry a file posing as a copy of the eagerly anticipated novel, "Harry Potter and the Deathly Hallows". If the users have allowed USB drives to 'auto-run' they will see a file called HarryPotter-TheDeathlyHallows.doc. Inside this Word document file is the simple phrase "Harry Potter is dead." The worm then looks for other removable drives to infect.
W32/Autorun.worm.g (Move to DAT 5067 or higher)
QUOTE: This detection is for a worm which attempts to spread to removable drives by creating an Autorun.inf file, which will run the worm automatically, if systems which use the removable drive are set to Autorun.
Hairy.A Worm - F-Secure information
QUOTE: This malware was written in AutoIt scripting. It uses an icon of MS Winword.
Hairy.A Worm - Trend Virus Description & Behavior Diagram
QUOTE: This worm arrives as a dropped file through removable drives. It spreads by dropping copies of itself in all physical, removable, and floppy drives. It also drops an AUTORUN.INF file to automatically execute dropped copies when the drives are accessed.
Numerous additional references: