Which I never understood. If it gets to your inbox you don't necessarily need IE to inflict damage. Nor do mail-provided links guarantee remote hosts are available. For this thing to be the primary exploit method, users would be surfing infested websites. Which does occastionally happen like Code Red, but typically require "worm" like propogation, not "virus" like the current SCO attack.
Not necessarily. This exploit might be useful in HTML formatted email. And, once compromised, it would be relatively easy to install a daemon/server that would provide the download link for all email sent by that particular system.
Which does occastionally happen like Code Red, but typically require "worm" like propogation, not "virus" like the current SCO attack.
No, Novarg/MyDoom is a worm that uses email and p2p to propagate. It exploits breaches in security and user psychology, rather than piggy-backing on other programs.
Viruses insert themselves into legitimate programs, just like biological viruses insert their DNA into a cellular organism. Before the 'Net, viruses were spread in boot sectors of floppies or shareware being passed from person to person. They are relatively rare, these days.