I agree that the bug never should have made it into Vista. I have no
problem with people pointing out bugs and taking Microsoft to task for
them. In this case though the fact that a bug was found and it didn't
compromise Vista is actually a point in favour of Vista's security. I
may be barking up the wrong tree anyway. I heard this morning from a
reputable security consultant that there is an exploit for Vista using
this bug. So far it's hearsay but the people doing the saying usually
know what they're talking about. What isn't clear is the extent of the
exploit and if it compromises the system or just the user. If it's just
the user then Vista security is working as designed. If it's the system
itself then this is the first exploit for Vista that can bypass the
security with no user input. That would surprise me a little bit but not
too much