Steve -

Microsoft does keep people aware of some of the vectors. Note the Patch Tuesday every month. :w00t:

They also publish some info, don't know if you've browsed these.

http://msdn.microsoft.com/en-us/practices/default.aspx

A couple of weeks ago there was a free online seminar (6 hours of a 5 day course) on Ethical Hacking.

Good overview and demonstrations of some of the techniques used.

http://www.nhmn.com/Courses/CrsSearchResults.aspx?ST=Q&S=false&T=hacking

A lot of information isn't published, or not published until after a fix is available.

Knowing how things work, and break, is part of being a good developer.

I like to see live demos, along with examples of how to fix the issue.

And they always impress that keeping current on patches is a big part of being safe.

Greg E