This does two things, it minimizes the storage footprint of the VM, much as similar technology does in virtual desktops, and second it uses the link to ensure clones maintain the patch level and integrity of the golden master.
If you haven't heard by now, the malware exploits a flaw in the Java Virtual Machine, which Oracle pushed a fix for back in February, but Apple didn't patch until a botnet consisting of as many as 650, 000 Macs was identified on March 4th.