A serious bug can do execute a malicious code from a cracker.
Bug was discovered and announced Sunday 3 Feb, when K. Mardam-Bey has released new version of mIRC (6.0).
Bug is a buffer overflow, which determine nick assignment when an user try to connect at IRC server. It's possible send a nickname more large of 200 characters and force to connect it to an aggressive IRC server.
Cracker can also use a HTML code (web pages or e-mail) to force launch mIRC and connect it at a determined IP address.
All mIRC's version antecedent 6.0 are vulnerable.
In this moment aren't patch.
For details http://www.punto-informatico.it/p.asp?i=38934 (italian language).