You claimed this exploit wasn't easy to exploit. I explained that it wasn't that hard at all. Now, you claim that the method isn't dependent on the exploit. I presume that means you have conceded that it is not difficult to exploit. If so, we can move on.
You are correct that the methodology isn't dependent on this particular exploit: a variant of the MyDoom worm could do the same thing. But, this exploit is one that could fool some users that know to not open an attachment, but are less cautious about clicking on a link to what claims to be a PDF file. It's just another variation on social engineering.
And if you really think my assumptions are so questionable, check this out:
http://www.interesting-people.org/archives/interesting-people/200307/msg00073.html
It's an article from the NY Times, published last year. It opens:
Hackers Hijack PC's for Sex Sites
By JOHN SCHWARTZ
More than a thousand unsuspecting Internet users around the world have recently had their computers hijacked by hackers, who computer security experts say are using them for pornographic Web sites.
The hijacked computers, which are chosen by the hackers apparently because they have high-speed connections to the Internet, are secretly loaded with software that makes them send explicit Web pages advertising pornographic sites and offer to sign visitors up as customers.
Unless the owner of the hijacked computer is technologically sophisticated, the activity is likely to go unnoticed. The program, which only briefly downloads the pornographic material to the usurped computer, is invisible to the computer's owner. It apparently does not harm the computer or disturb its operation.
The hackers operating the ring direct traffic to each hijacked computer in their network for a few minutes at a time, quickly rotating through a large number. Some are also used to send spam e-mail messages to boost traffic to the sites.
[follow the link to read the rest of the article]
So while you seem to be very if not interstingly well versed in virus creation methods, this particular hole isn't even necessary for your described exploit, therefore apparently being another attempt to distract attention from the "SCO Denial of Service Worm" (like that one better?).
I've been commenting on the article that started this thread. If you want to discuss MyDoom/Novarg, I suggest that you return to the thread that you started.
There have been hundreds of threads started since you posted that one. Despite your apparent belief that FR revolves around the threads that you start, starting another thread on similar or completely different topics doesn't constitute an effort to distract people from yours.
I claimed it was very hard to get any significant advantage from this exploit, which is why I got tired of your lectures on proper virus creation which while demonstrating your expertise, you never successfully ever showed it to be of any particular significance in an attack. Therefore, hardly a "devestating" exploit as the author and you seem to have been implying.
As for the rest of your post, sorry, I don't need any advice from the NY Times on computer security, LOL.