A hole has been discovered in Windows XP Professional and Home Edition that could compromise a network and be used to get into protected areas.
Reported by bug-finder 'http-equiv' of Malware.com - who has found several critical holes in Microsoft software previously - the vulnerability has been described as “moderately critical”, which means you can still get a cup of tea before you fix it but don’t have a long lunch.
There is a proof of concept available and the official explanation is this: “It is possible to construct a malicious folder containing both script code and an executable file. This can be exploited to make Windows Explorer execute code automatically on a user's system if the user is tricked into opening the folder.”
Microsoft is not due to post patches for a couple of weeks, so it will be a possible route in for a while. The trick is not to open unusual folders. But then that is always the case and everyone still does it.