Microsoft Security Advisory (928604)

Exploit Code Published Affecting the Workstation Service on Windows 2000

Published: November 16, 2006 | Updated: November 16, 2006

Microsoft is aware of public proof of concept code targeting the vulnerability addressed by security update MS06-070. At this time Microsoft has not seen any indications of active exploitation of the vulnerability Microsoft has activated its emergency response process and is continuing to investigate this public report.

Microsoft continues to recommend that customers apply the November updates as soon as possible with additional urgency and consideration given to the update detailed in MS06-070. Customers can ensure that the updates are being installed by enabling the Automatic Updates feature in Windows or by using their deployment infrastructure in their enterprise or small business.

Mitigating Factors:

• Customers who have installed the MS06-070 security update are not affected by this vulnerability.
  

• While installation of the update is the recommended action, customers who have applied the mitigations as identified in MS06-070 will have minimized their exposure and potential exploitability against an attack. 
  

http://www.microsoft.com/technet/security/advisory/928604.mspx