The motivation for tricking Vista into allowing malware access to the Internet is plain: "They could then download other malicious code" or hide the command-and-control traffic between an infected PC and the hacker using the machine as a spam zombie or denial-of-service attacker, said Santoyo.

"Assuming an attacker can perform the firewall unblock attack, most of the functionality commonly present in a bot is available," wrote Padilla in his research paper ().

"Yes, I think attackers will try this," said Santoyo. "It's not hard to do."

Microsoft officials could not be reached for comment.