Microsoft Windows Vista establishes a Teredo address without user action upon connection to the Internet, contrary to documentation that Teredo is inactive without user action, which increases the attack surface and allows remote attackers to communicate via Teredo.
osvdb.org/33667
www.securityfocus.com/archive/1/462793/100/0/threaded
www.securityfocus.com/archive/1/464617/100/0/threaded
www.securityfocus.com/bid/23267
www.symantec.com/avcenter/reference/Vista_Network_Attack_Surface_RTM.pdf
www.symantec.com/enterprise/security_response/weblog/2007/04/microsofts_inaccurate_teredo_d.html