CRN (among others) have posted word about an exploit in Windows -- including Vista! -- that uses the Windows Proxy Auto-Discovery (WPAD) function. This is one of those features that most people never use anyway and which should be disabled by default, so you're probably better off turning it off completely as a pre-emptive measure. See the 2nd link for instructions on how to do this; the whole thing takes maybe 30 seconds.
