'Soft AP' Rogue Danger?

There's been a bit of discussion in the press recently about "virtual Wi-Fi adapters" being embedded in operating systems (such as the new Windows 7 and Mac OS) and in mobile handsets.

What, if any, threat do these "soft APs" pose? And do the threats differ in any way from a typical, unauthorized hardware AP? If so, how?

Thanks in advance!


3 Comments

This is a great topic, and definitely one of those areas that underscores why WIDS/WIPS solutions that monitor traffic in the air are becoming mandatory for the enterprise. At its most reduced form, these virtualized soft APs allow any laptop in your environment to become a rogue AP that you can't see from the wire.
Virtualization is really at the heart of the matter, and it's not an issue that is going away or limited to just one OS or technology. What we are seeing here is a WiFi adapter that can not only behave normally as a client, but can also simultaneously behave as an access point that other devices can connect to. This means that a laptop could be properly logged in and authenticated to the enterprise network, and then essentially bridge that connection to other unapproved devices. Wired-only methods would miss this threat because the rogue AP is riding along on top of an approved wired connection, so it really does force you to be statefully monitoring all wireless connections over the air.

Good question Joanie. The Windows 7 Virtual WiFi Adapter is a bigger threat than hardware-enabled rogue APs. Here you have a scenario where hundreds of laptops can be turned into software-enabled rogue APs within minutes. While Microsoft has enabled this for ease of use, to allow users to connect their personal devices (example: smartphones) via laptop to get internet connectivity, this represents a significant threat to enterprise security. End-users have a good case for using this at home or while on the road, but it can cause a significant breach of enterprise security if used at work.

Lastly, one should note that these software-enabled APs can appear and disappear quickly and in large numbers as compared to hardware-enabled rogue APs. Thus integrated WIDS systems, which do part-time scanning, are not capable of quickly detecting these threats and dealing with them. You really do need a dedicated overlay WIPS system for managing threats like these.

I agree with Sri's and Wade's comments. "Soft APs" pose a bigger attack surface in the long run because there will eventually be far more Windows 7 type laptops than hardware rogue APs. Even enterprises that have used the argument that they have IEEE 802.1X based port lockdown, which prevents their employees from connecting rogue APs to the wired network, now have to contend with authorized laptops that have "opened" the wired port and are simultaneously offering wireless access on their WLAN interface.

While WIPS can detect such "SoftAPs", relentlessly terminating them is not an effective long term strategy since that uses up wireless bandwidth. Eventually you will need to deploy a laptop agent such as AirDefense Personal that can centrally manage wireless profiles, disable simultaneous wireless/wired access scenarios and enforce wireless usage policies outside the monitored perimeter of sensors as well.
http://www.airdefense.net/products/adpersonal/
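The first and third comments describe the laptop-side problem: the Windows 7 hosted network ("Virtual WiFi") lets an authenticated laptop act as an AP at the same time as it holds a wired or wireless connection to the corporate network, and the suggested long-term fix is an endpoint agent that reports and disables that capability rather than relying on over-the-air containment alone. The following PowerShell script is an added example, not code from the original post, from any of the commenters, or from AirDefense Personal. It audits one Windows host for the hosted network using the built-in `netsh wlan` commands and can disallow it; the regular expressions assume the English-language `netsh` output, and the "wired link is up" check is a heuristic based on WMI adapter names.

```powershell
# Added example: audit and (optionally) disallow the Windows hosted-network soft AP.
# Assumptions: built-in netsh.exe with English output; Win32_NetworkAdapter via WMI
# (works on Windows 7, no NetAdapter module needed). Run elevated to change state.

function Get-HostedNetworkState {
    # Both commands are real netsh.exe subcommands; their text output is parsed below.
    $settings = netsh wlan show hostednetwork 2>&1 | Out-String
    $drivers  = netsh wlan show drivers       2>&1 | Out-String

    # "Hosted network supported : Yes" appears in the driver capabilities block.
    $supported = [bool]($drivers -match 'Hosted network supported\s*:\s*Yes')

    # Mode is Allowed/Disallowed; Status is Started / Not started / Not available.
    $mode    = if ($settings -match 'Mode\s*:\s*(\w+)')               { $Matches[1] }        else { 'Unknown' }
    $status  = if ($settings -match 'Status\s*:\s*([A-Za-z ]+)')      { $Matches[1].Trim() } else { 'Unknown' }
    $ssid    = if ($settings -match 'SSID name\s*:\s*"([^"]*)"')      { $Matches[1] }        else { '' }
    $clients = if ($settings -match 'Number of clients\s*:\s*(\d+)')  { [int]$Matches[1] }   else { 0 }

    # Heuristic: a physical adapter that is connected (NetConnectionStatus 2) and whose
    # name does not look like a WLAN or virtual adapter is treated as the wired uplink.
    # This is an assumption for the example, not a definitive wired/wireless test.
    $wiredUp = @(Get-WmiObject Win32_NetworkAdapter |
        Where-Object {
            $_.PhysicalAdapter -eq $true -and
            $_.NetConnectionStatus -eq 2 -and
            $_.Name -notmatch 'Wireless|Wi-?Fi|WLAN|802\.11|Virtual|Bluetooth'
        }).Count -gt 0

    [pscustomobject]@{
        Computer  = $env:COMPUTERNAME
        Supported = $supported
        Mode      = $mode
        Status    = $status
        SSID      = $ssid
        Clients   = $clients
        WiredUp   = $wiredUp
        # The bridging scenario from the comments: soft AP running while a wired link is up.
        Bridging  = ($status -eq 'Started') -and $wiredUp
    }
}

function Disable-HostedNetwork {
    # Stop a running soft AP, then set mode=disallow so a user cannot simply restart it.
    # mode=disallow persists across reboots until an administrator sets mode=allow again.
    netsh wlan stop hostednetwork          | Out-Null
    netsh wlan set hostednetwork mode=disallow | Out-Null
    Get-HostedNetworkState
}

# Usage: report the current state; enforce the policy only on hosts that can host a network.
$state = Get-HostedNetworkState
$state | Format-List

if ($state.Supported -and $state.Mode -ne 'Disallowed') {
    Write-Warning "$($state.Computer): hosted network is $($state.Mode)/$($state.Status) (clients: $($state.Clients)); disallowing."
    Disable-HostedNetwork | Format-List
}
```

Run it from an elevated prompt, or deploy it through the usual software distribution or logon-script channel so every laptop reports the same fields to a central collector. Note the limit that the commenters also point to: this only covers the Microsoft hosted network on Windows, not Mac OS X internet sharing, handsets or third-party soft AP software, so it complements rather than replaces an over-the-air WIPS.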