In mid November Microsoft issued a patch fixes a critical flaw found in Windows XP and Windows Server 2003 systems, which have Internet Explorer 7 installed. Before that, cyber criminals have been knocking out spam messages that try to install spyware when users clicks the link.
Criminal and hackers have been targeting this vulnerability to break into the machines and steal data. The vulnerabiluty is not found in Windows Vista. Microsoft terms this vulnerability as critical in nature, this may be called “the URL vulnerability” or “PDF vulnerability”.