Microsoft today announced through a Security Advisory that there is a vulnerability in Windows dating back to Windows 2000, and including Windows Vista. It is said that this vulnerability is already being exploited, and that the attack is generally made through a visit to a webpage, or by viewing an e-mail in a HTML enabled viewer. The result of the attack is the attacker gaining the same rights to the machine as the local user, and having the ability to run code on the vulnerable machine. Microsoft will be releasing a Security Update to remedy this vulnerability.