[Steve]

The 'Windows Mail' client in the new Vista Operating system replaces Outlook Express as the built-in mail system; a serious exploit has been discovered which means that a severe vulnerability exists in that part of the system. Microsoft has acknowledged the existence of the possible exploit and is researching its validity.

Symantec's DeepSight network, issued a warning about the vulnerability earlier this week - it rates the threat as '7.5' in its threat scale as the bug can be exploited by remote code. That means an attacker could introduce his or her own Malware onto a compromised computer. By crafting an e-mail message with a link to a malicious file -- one hosted on a remote Internet server, say -- and duping the recipient to click on the link, an attacker could infect a Vista PC with software that steals identities or with a backdoor Trojan horse. If run, "winrm.cmd" -- the Windows Remote Management command-line tool -- would give an attacker complete access to a PC