Don't open unknown PowerPoint presentations or you might cop an unexpected extra, according to Microsoft's announcement of yet another critical security flaw. One false click and "... the attacker would then have complete control over everything the user's account has permission to do on the system." 

Meanwhile the BBC reports that McAfee reckon 12 million computers have been been hijacked by cyber-crims since January. With "20,000 plus new samples of malware detected every day", (a figure I find hard to believe), the US apparently "hosts the world's largest percentage of infected computers at 18% with China a not too distant second with just over 13%."

And while it might not happen often, once the bad guys get control of your machine they can do anything they like with it -- and that includes invoking the so-called 'nuclear option'. "Roman Hüssy, a 21-year-old Swiss information technology expert, ... last month witnessed a collection of more than 100,000 hacked Microsoft Windows systems tearing themselves apart at the command of their cyber-criminal overlords." The Washington Post has more.

If that's not cheeful enough, researchers at the University of California Santa Barbara managed to take control of a botnet for 10 days to see how it worked. In that time they picked up;

• 297,962 username and password pairs from 52,540 different infected PCs.

• 1,660 unique credit and debit card numbers (including 30 from a single user!).

• Login credentials for 8,310 accounts at 410 different financial institutions.

• Access credentials for 368,501 web sites.

Is "Microsoft security" becoming as big an oxymoron as "military intelligence" ...?