In 'Introducing Ethereum Script 2.0' (http://blog.ethereum.org/2014/02/03/introducing-ethereum-script-2-0/)
it says "Another modification is that code should be immutable, and thus separate from data; if multiple contracts rely on the same code, the contract that originally controls that code should not have the ability to sneak in changes later on. The pointer to which code a running contract should start with, however, should be mutable."
It is not clear to me whether the capability in the last sentence would enable a race condition that an attacker could exploit, by changing the code underlying a contract after a victim has chosen to enter it, but before that action gets added to the blockchain. Could an attacker create something attractive, such as a high-yield bond, and then flip the contract's code pointer to code that steals incoming funds, at least of any in-flight contract-entering transactions?