Schneier on Security: Microsoft RC4 Flaw
This is a real shame, as a lot of people who work at MS who really know a lot of about cryptography are going to be painted with the same brush as the individuals who coded this. Suffice it to say it is not that easy to break, as it does require two versions of the same document that have been changed from each other, but maintain the same password. But the amount of work required to avoid this situation is so minimal, it's a terrible situation. I wonder if the security review for office 12 caught this.
