Having administrative access precludes the need to use this attack vector in the first place.
This is taken from my early-morning-on-a-bad-day-on-the-road reading of the article...
The way I understood it is that once you have high enough access on one machine within the system, you have the ability to get admin access on any other machine in the network, allowing you to download data, install software and so on..
So I'm an admin on a domain controller or other relevant system on a Windows-based network (sorry if my terminology is off, I do not work on these sorts of things), which happens to also be used by the CEO's machine. This access would allow me to take any data I wish from his machine undetected, even encrypted data that is way beyond my paygrade. I can also install keyloggers so any passphrase or other "access code" is easily retrieved by me.
If I got out of bed far too early then please excuse my brain for still being in pre-coffee idle!
Icon : Good fix for most of your security and all of your privacy woes!