5.8. In-Memory Injectors over Networks
High profile computer worms such as CodeRed and Slammer inject their code into a vulnerable process connected to the network stack. The virus does not need to manifest itself as an object stored on the disk; instead, it can travel to the new system as a set of network packets.
These highly important techniques, as well as other Win32 memory attacks, are detailed further in Chapter 12.