As predicted, hackers have begun exploiting the Windows vulnerability that Microsoft patched last week as part of security bulletin MS06-040. Unpatched Windows 2000 machines are being hijacked for use in IRC-controlled botnets. More attacks on other flavors of Windows could occur in cases where the MS06-040 patches are not applied. It’s not just Windows that is vulnerable to attacks, lately, however. Attacks against just about all of Microsoft’s Office apps are growing briskly. In 2005, Microsoft shipped patches for five Office flaws, total. In the first eight months of 2006, that number already is at 24.