Microsoft warns of new Windows bug, says attacks under way

"On the same day that Microsoft Corp. released its biggest batch of security patches in more than five years, the company also warned Windows users of a critical bug that it didn't get around to fixing.

"In an advisory posted yesterday, Microsoft said that 'limited and targeted' attacks are in progress by hackers exploiting an unpatched vulnerability in the WordPad Text Converter, a tool included with all versions of Windows. The flawed converter handles Microsoft Word 97 files on Windows 2000 Service Pack 4 (SP4), XP SP2, Server 2003 SP1 and SP2.

"Newer versions of Windows -- XP SP3, Vista and Server 2008 -- are not vulnerable to the bug, however."

Full article at ComputerWorld...