According to an article in InformationWeek, a privilege escalation vulnerability has been found in Windows Vista.
The vulnerability was reported to Microsoft by eEye Digital Security on the 19th of January.
Marc Maiffret, Chief Hacking Officer of eEye said:
with this vulnerability, you can elevate yourself to system-level access. Any normal user can do anything they want to the system.
He went on to speculate that:
If it was coupled with a virus or a different remote vulnerability, it would be a lot more serious… On its own, though, it’s only medium [threat]
Oh dear! How much did Microsoft invest in Vista again?