Just in time for spring, Microsoft has been busy tending to a new swarm of bugs, including a critical hole in Windows Vista and XP that could expose you to an early-season bite without your doing anything other than being online.
In an attack, a cracker could broadcast rogue TCP/IP packets to a range of addresses on the Internet, possibly including your PC’s. Sounds all too common, right? These rogue packets, however, are designed to trick their way past Windows’ security and hijack your PC, making your machine part of a botnet for sending out spam–or worse, a self-copying worm.
So far, no attacks have occurred. But proof-of-concept code is floating around, so don’t put off applying the patch. If you’ve enabled automatic updates, Microsoft will push the patch to you. Otherwise, you can grab it from Microsoft and install it yourself (Download).
source:pcworld