The exploit code takes advantage of security bulletin MS05-051.The bug lies in a Windows component for transaction processing called the Microsoft Distributed Transaction Coordinator, or MSDTC. Microsoft addressed the flaw in
"Initial investigation of this exploit code has verified that successful exploitation could lead to a denial of service attack...and not remote code execution," a Microsoft representative said in a statement. In a denial of service attack a computer would crash, while remote code execution would mean the attacker has full control over a PC.
Users who have applied the MS05-051 patch are protected against exploitation of the flaw, Microsoft said. The patch has been available since Oct. 11, but some users have.
This is not the first exploit code for the MSDTC flaw, but it is the first to be published publicly on the Internet. Thefor users of its penetration testing product.
When Microsoft released its patches, experts were quick to warn that the MSDTC flaw could spawn an attack similar to the. Such an attack has not occurred. However, the public posting of exploit code could be a sign that an attack is coming, experts have said.
Microsoft said it is not aware of any current attacks that use the latest exploit code. The software maker urges all customers to apply the most recent security updates to protect their systems.