Microsoft is investigating the issue, a company representative said in an emailed statement. "As a best practice, users should always exercise extreme caution when clicking on links in unsolicited email from both known and unknown sources," the representative said.
Depending on what the malicious link tells Windows Mail to do, the threat to Vista users could be significant, said Dave Marcus, security research and communications manager at software maker McAfee. "Theoretically, attackers can do a lot of things; they will be able to pass any command through it," Marcus said.
http://uk.news.yahoo...ista-users.html