http://www.theinquirer.net/?article=5354

We've been playing with this for the past few weeks. It doesn't seem able to delete files required by windows, ie DLLs and other ini type files. What it can do is delete HLP files and the such. We were trying to figure out what file we could delete and crash windows xp. We didn't find it, but I'm sure there is one. The most amazing thing is that you have to use the task manager to quit out of the hardware wizard or it will delete the file. A malicious website could easily delete all your HLP files or other non windows critical files very easily.

For those interested here is the Microsoft Knowlege Base article on this:

http://support.microsoft.com/default.aspx?scid=kb;en-us;Q328940

Its amazing that a company with as many resources as MS has can still have these huge security gaps. I guess its the price you pay when you have millions upon millions of lines of code and your OS is the most hacked and cracked on the face of the earth.

This is what worries me about using an open source OS for my desktop. If Microsoft with all its money and talented programmers has these security gaps how many does Linux have?

At least now Microsoft has a priority to fix bugs and security holes. In the past it was a low priority for the company, developing the newest feature was important... everything will be fixed by the next upgrade dont worry mentality.

The last year or so has seen great work in closing security holes... notice the drop in virus attacks, the easy attack methods that were around for years have finally been closed.

Is there anything MS makes that doesn't have a "huge security hole?"

I don't believe my mouse does. :D