Look Ma, malware without files!
Wow, instead of an exploit dropping a file onto the file system and running it... a DLL is injected straight into memory from the exploit, leaving nothing to scan on the harddrive. Writen up by a Kaspersky Lab expert: Link to SecureList
All the more reason to get your employees Internet Security Awareness Training
, as not many antivirus companies protect against this new technique.