Steve -
Microsoft does keep people aware of some of the vectors. Note the Patch Tuesday every month. :w00t:
They also publish some info, don't know if you've browsed these.
http://msdn.microsoft.com/en-us/practices/default.aspx
A couple of weeks ago there was a free online seminar (6 hours of a 5 day course) on Ethical Hacking.
Good overview and demonstrations of some of the techniques used.
http://www.nhmn.com/Courses/CrsSearchResults.aspx?ST=Q&S=false&T=hacking
A lot of information isn't published, or not published until after a fix is available.
Knowing how things work, and break, is part of being a good developer.
I like to see live demos, along with examples of how to fix the issue.
And they always impress that keeping current on patches is a big part of being safe.
Greg E