The Klez worm takes advantage of a known (and old, and patched) vulnerability that allowed automatic execution of an attachment, without necessarily even opening the file.
Good lesson in keeping AV up to date and keeping up with patches. I think even JohnRob would agree that this rule applies to ALL OS's and software. Right John?? :-)