I agree BRL, you are fairly dumb to click on a random attachment (but there are lots of dumb PC users...) but being able to deliever a nasty in a real jpeg is a bit different. What if you could stick it in a banner ad, so someone surfing PPRuNe would download it and IE would happily fk up your PC?

I half remember reading something about how it was possible, at least in theory, to hide executable code within a jpeg, so if there's a real live jpeg-transmitted trojan out there I'm quite interested.

<edit> bit of searching found something, looks like it is just opening a stream to windows media player and using some kind of exploit in that, don't think it's a real jpeg exploit - however, don't know if it's real and would still like a link to somebody i've heard of