New code-execution bug found in Windows and 40 apps
When 'safe' files aren't
The flaw involves the way Windows loads "safe" file types from remote network locations, and is almost identical to one that Apple excised in iTunes last week, H D Moore, CSO and chief architect of the Metasploit project, told The Register. He said the bug is “trivial” to remotely exploit, but wasn't authorized to provide additional details about techniques or other vulnerable applications.
http://www.theregister.co.uk/2010/08/18/windows_code_execution_vuln/
