Closing the gate after the horse has bolted
Hmmm... surely this isn't a security issue per-se. What the researchers have shown is that *after* a Trojan has successfully got onto a users machine it can use all the facilities of the native environment to do what it wants... and surely we all know this by now!
In a simillar vein I have 'discovered' that once a Trojan has subverted my machine it can download software from anywhere using any method it wants! Is this *really* research or just headline grabbing?