Microsoft Defeats a Seven-Year-Old Bug

Microsoft recently released two new patches, one of which fixes a security hole that the company has been trying to plug since 2001. Amazingly, no one exploited the hole during those seven years.

Previous patches had mitigated the problem, so Microsoft rated its severity level as Important, the second-highest rating on the company's four-tier scale.

This bug primarily affects Windows XP (which some 700 million people still use) and Windows 2000. For Windows Vista, the risk is only Moderate, Microsoft's second-lowest rating. The bug affects a key authentication protocol for a network technology called System Message Block (SMB). Exploiting the security hole would let an attack program capture user or program credentials, granting a successful attacker full control over the compromised PC.

