Judging From My Experience With Corporate Germany
...this report could be fully true, except for the "McAfee solutions for the problem" part.
Instead of having a proper (ie speedy, pervasive) patch policy in place, the corpos have two-factor-authentication, x-ray machines to check the bag you bring in and restrictive physical access policies.
Worker's PCs have age-old firefoxes, age-old Flash and age-old JavaWebstart versions installed. Exfiltration by Google Mail's SSL is certainly possible. Spearphishing would be the easiest thing one can imagine.
The management people don't want to be bothered with the problem, they do not want to develop social and technological solutions which would reconcile security with business efficiency. All they are willing to do is to shell out money for some Magical Device, which would fend off the threat at the firewall. Because this does not require interacting with these smelly unshaved computer folks.
A sophisticated AppArmor- or Sandboxie-based solution could thwart this attack. But that would require more than writing a cheque. It would require these "skilled executives" to use their brain cells. Horrible !