A just-disclosed bug in Windows Vista's built-in e-mail program can be used by hackers to run malicious code on a victimized PC...Microsoft acknowledged the report, and said it is investigating the vulnerability...

Windows Mail in Microsoft Windows Vista might allow user-assisted remote attackers to execute certain programs via a link to a (1) local file or (2) UNC share pathname in which there is a directory with the same base name as an executable program at the same level...