Phish-
That thread was BS. He claimed a jpeg would infect any picture viewer, it was really just a .exe renamed as .jpg or something silly. I think the threads author was Grim_reaper or something similar.
As for the exploit....
All it takes is a creative vector to pull it off... Similar to the latest winamp exploit.
http://www.microsoft.com/technet/sec.../ms04-028.mspxQuote:
AngelicKnight, you would just have to view the picture to get the virus/code to execute on your computer from what I understand, so looking at pop-ups, email, banners, avatars, etc could get you infected.
Theres a list in that link of exploitable software... It would have to be ran in that enviroment to be exploitable. In the list of software that isn't affected, is IE. So avatars, banners, pop-ups... not vulnerable. Unless the vector involves IE.