While that’s not entirely surprising in itself (after all, the OS has been commercially available for over 3 full days now), the nature of the flaw is both amusing and somewhat shocking.
Vista adds new speech recognition features, allowing the user to issue commands to the computer by speaking. At least, I’m assuming this is new. Mac OS has had speech recognition for at least a decade, but it used to require extensively “training” the computer to recognize your voice. I’m guessing that the new speech recognition software doesn’t require that kind of training, sort of like how pizza places now have speech recognition software that answers the phone and takes your order.
So, on to the exploit: if speech recognition is on, and the computer’s speakers and microphone are both on, it would then be possible to visit a website that autoplays an MP3 of a voice issuing commands to make the computer do all sorts of nasty things (like erasing files off the hard drive)!