A serious vulnerability, that is now being actively exploited, has been found in the MP3 software Winamp 3.x and 5.x from Nullsoft. The vulnerability comes in via a Winamp skin file. (Skin files allow you to customize the look of Winamp.) If you go to a malicious web page you may automatically download the new skin, which triggers code which will then run on your computer. Going to the web page is enough, it appears you don't need to click a link or ask for a download. Apparently, this exploit takes advantage of bugs in both Winamp and Microsoft Internet Explorer, although there are some discussion that this could done on other browsers. There is a write-up at http://secunia.com/advisories/12381/. Credit for reporting this goes to the K-OTik.COM Security Survey Team.

Just imagine, having to tell your boss that you accidently let a virus loose on the office network, because you were looking for a neat paint job for the music player you had been using on the company computer. For more information on bugs, incompatibilities, and other things that can go wrong with your computer, visit the BugBlog.