“Historically, computer users would not regard BMP files as capable of infecting computers. However, there appears to be a bug in the Microsoft code which handles the Windows BMP file format which can allow executable code held inside the BMP file to be executed.”
Link: Sophos on Troj/Agent-A
