Internet users are quite familiar with the Completely Automated Public
Turing test to tell Computers and Humans Apart (CAPTCHA), a quick method
that verifies whether the user trying to sign up is a person or a
bot. A picture with swirled, mangled, or otherwise distorted characters
is displayed, and the user then types in the correct letters or numbers.
Thus far, the system has worked well to slow down malicious bots, but
recently the groups behind such software have made significant strides. A
security firm is now reporting that the CAPTCHA used for Windows Live
Mail can now be cracked in as little as 60 seconds.
...
To make matters worse, Websense Security Labs is now reporting that the
method for getting around Windows Live Mail's CAPTCHA has been improved
to the point that a bot can decipher the text and make a guess in less
than six seconds, on average.
Read More:
http://arstechnica.com/security/news/2008/04/gone-in-60-seconds-spambot-cracks-livehotmail-captcha.ars