"This is a fairly fringe attack; it is not common," Kandek says. "We think people are starting to look at these components now and they are branching out to the full functionality of the operating system. Rather than looking at the standard services they are saying what else runs on this OS."

He points out that , and , which were all rated as Important, fall into that category.

"We say this is new stuff and somebody has been looking an new angles on the OS here," Kandek says. "They focus attention that is not so common in order to gain control of these machines, and to ultimately use them in a bot net [in the case of Internet Explorer] or if I had access to a domain controller for something that goes into the identity theft area."