Microsoft quietly issued a patch designed to fix the flaw in its Software Protection Platform (SPP) technology late last month.

Zero-Day Malware Attacks You Can't Block

The problem lies in a component that is not correctly validating identities, which means that users may have their private information, like credit card numbers, passwords, and social security numbers, “phished” or fraudulently taken.

Source: http://vista.blorge.com/2007/02/27/microsoft-concedes-vista-and-internet-explorer-security-flaw/  

Solution: Microsoft says the best way to avoid such phishing is to simply open up a new Internet Explorer page every time you visit an untrusted web page.

Is this the new and improved better security operating system called Windows Vista to be all about?

A bug in Windows Vista's built-in antipiracy technology is telling some users that they need to reactivate the operating system after they install new device drivers or run newly installed software.

Linux never has or had this problem folks...

What are you talking about?  Have you missed the security updates linux has for either it's core parts,  GNU libs or other apps that distros install?  You're always updating your linux distro just like Windows,  nothing is safe 100%, so get off of your high horse.

And it's a phishing attack, other browsers have had them, if a website tricks you into giving your info to them, that's not the OSs fault, more a browser problem which has hit all browsers to date and gets fixed.  Why do you think they added a phishing filter to FireFox?  If it's so damn secure then it didn't need one right?

Microsoft acknowledged this problem is caused by a system problem in Windows Vista!

"You may be prompted to activate Windows Vista on a computer on which Windows Vista activation was not previously required," Microsoft said in a support document last updated Feb. 15.

Microsoft has posted 32-bit and 64-bit versions of the patch on its web site. Ironically, the patches can only be retrieved by PCs that pass another check to determine if their operating systems are legitimate.

In some situations, the only solution to the problem is to activate the operating system via the telephone!

Seriously, 100% Linux never has or had these types problems, because they do not require you to be locked into Microsoft's market monopoly! Linux doesn't force you to validate, activate and pretend all this is your OS Genuine Advantage!

@ GP007: As for Phishing, that's an issue with DNS! As long as the US monopolizes the Internet, your going to get these types of issues. Also, FireFox had Phishing protection before IE7, which there still is none for IE6! FireFox works better, it's faster, safer and continues to improve with the help of everyone as compared to the proprietary software of Microsoft.

It gets worse, the Windows Software Protection Platform validation system is borderline evil, mostly because the first thing it does is lock the user out from Windows performance enhancements and built-in spyware/virus protection, thus rendering the machine in question less secure. Also, it doesn't give the user an opportunity to clear up the matter immediately if they are already in possession of a legit key. It only provides them with a link to buy a new license key from Microsoft!

In January, Microsoft shipped the a security patch for Vista. It was for the WMF (Windows Metafile) hole.

After installing Vista I no longer have a DVD drive nor a CD drive. Vista will not write to any drive. It tells me that I do not have any drive capable of writing!

I had to go through 3 different printers and drivers because Vista was not compatible with them too!

Ask yourself, why is it that you think Vista DRM is good for you?

What does driver incompatibility have to do with DRM?  Stop with the fud fanboy,  if your hardware isn't compatible with Vista take it up with your hardware maker.   If you can't get a driver to work it's not because DRM is somehow magically or technically blocking your hardware from working.   Where do you get these crazy ideas from?  Have you been spending too much time at slashdot?

And FF had phishing protection first?  the phishing filter hit FF at version 2.0, which was released after IE7 went final, but even before IE7 did go final it had the phishing filter in it from the start.   FFs phishing filter is an exact copy off of IE7, so get your facts right.

And FF is a memory hog, it eats ram like there's no tomorrow, I can all poor programing and bloat.   I don't care for extentions and don't use them, so FF has NOTHING I need.   If it's safer isn't true, you're living in a fantasy land,  they find and release patches for it just like other software products.   Didn't you notice any of the updates it's had all this time?  Do such things escape you?  Or do you never update your linux install at all?

well, I do agree that Firefox is somewhat safer to use than IE, BUT what Angela FAILED to realize is that Firefox has [b]poor[/b] cookie management features compared to the cookie management features found in IE6/IE7 and Mozilla/Seamonkey browsers.  Firefox has NO ability to either block or accept "third party" cookies which is one major flaw of FF that has not been addressed since I first heard about FF.

man this is really getting off topic.  ok time to get back on track,

for those who want the KB929451 patches for Vista, go ahead and get them.  otherwise wait for Vista SP1 and install that instead.