Sadly, none of this is particularly new or shocking, given Microsoft's past security troubles. Rest assured, however, that the big MS has really managed to one-up itself this time. Why? Because this is the "code" required to crash the aforementioned software:
<input type crash>Yes, that single line of HTML is it. No, I'm not kidding. In fact, according to the Inquirer you can sub in any number of words instead of crash, with the same result. I really don't know what to say at this point, so, umm, talk amongst yourselves.