They are not the same.
catch (Exception) { } will catch managed exceptions only; catch { } will catch non-CLS exceptions as well: http://msdn.microsoft.com/en-gb/bb264489.aspx
An unhandled non-CLS compliant
exception becomes a security issue
when previously allowed permissions
are removed in the catch block.
Because non-CLS compliant exceptions
are not caught, a malicious method
that throws a non-CLS compliant
exception could run with elevated
permissions.
Edit: Turns out .NET 2.0+ wraps the values — so they are the same. That’s a bit of a relief!