binary planting bug and WebDav
That means that if you rename Virus.exe as Virus.html, you can get your web browser to load it.
Once it's loaded, you can use some other exploit to execute it.
Web browsers are carefully guarded against this kind of exploit. Other programs, no so much, and if they try to load a carefully crafted "document" or "picture" or "track", they may be broken.
To protect against this threat, some common file names are blocked: for example, stuff ending exe and dll.
And, to protect against this threat, file loading protocols are blocked from the outside world.
Webdav is a common file loading protocol that is not blocked, and .doc and .jpeg and .m4a are file names that are not blocked.
So on Windows, many common generic programs may be exposed to a notional threat which people had intended they not be exposed to.
This is bad, in the sense that using a computer is bad, because it exposes you to malware, because using a computer exposes you to malware. The solution will be to further restrict the way you can use your computer. It has not been a problem before: it only becomes a problem after all the important problems are removed.