Vista’s Windows Mail vulnerable to file-execution attack
A design error in Microsoft's Windows Mail, the e-mail application bundled into Windows Vista, could expose users to remote file-execution attacks, according to a warning from security researchers.
A hacker known as "Kingcope" published
proof-of-concept code
to show that remote code execution is possible if a user is tricked into clicking a malicious link.
The error is that Windows Mail will execute any executable file if a folder exists with the same name.
Full article here: Source