Vista Compromised by Two-Year-Old Malware

So much for those claims of tight security in Windows Vista: Reports are surfacing that Vista is vulnerable to at least three pieces of malware, "two of which date back to 2004."

You might remember Netsky and MyDoom, two major Internet worms that wreaked serious havoc on Windows systems a couple of years ago. Microsoft scrambled to patch its programs (namely, email clients) responsible for spreading the worms, and according to reports, those worms won't run on the Windows Mail Client, which is the replacement for Outlook Express in Vista. However, third-party clients are still vulnerable: Vista itself does nothing to block the worms.

In related news, good old Microsoft Word (most recent versions) has been found vulnerable to a new attack that can be executed by simply adding a special string of characters to the end of a Word document. This causes corruption in your PC's memory, which then allows an attacker to run his own code.

Microsoft should have a fix available on December 12, when it releases its monthly security patches, so make sure you have automatic updates turned on, or check Windows Update manually. Because this is such a simple attack to perform, you're also advised to update your antivirus software immediately.