"...crafts a Windows Cabinet file..."
"Next, the intruder crafts a Windows Cabinet file (CAB)..."
The intruder is far more likely to be a bored teenager who has downloaded the required malicious CAB file from somewhere.
It's a very common mistake, when evaluating the odds of such attacks, to mindlessly overlook the very existence of script kiddies.
Considering that script kiddies dominate, it's really a monumentally stupid error. But it's an error that I've seen explicitly performed several times in various situations.