After the Protected Storage service accesses a user's private key, an unencrypted copy of the key remains in the computer's memory. This copy of the private key remains stored in random access memory (RAM) even when the user logs off the computer and another user logs on.In a highly secure environment, this may be a security vulnerability.


http://support.microsoft.com/default...;EN-US;Q308034

Ok, so i found this while searching the hotfixes for Nt 4.0 SP7. According to a search on google.com, Protected storage service holds all passwords that are stored form IE, outlook, etc.
Problem 2: You can't get the patch unless you call microsoft. You can download it from their ftp, but they have encrypted it.

Anyone have have any insights or comments?