On Thursday, new code was posted on the Internet that could exploit a flaw in unpatched Microsoft Host Integration Servers.
The exploit is part of Metasploit, a toolkit used by penetration testers and criminal hackers alike.
On Tuesday, Microsoft issued security bulletin MS08-059 to address the vulnerability detailed in CVE- 2008-3466. In its patch bulletin, ranked as critical, Microsoft said "this vulnerability could allow remote code execution if an attacker sent a specially crafted remote procedure call request to an affected system. Customers who follow best practices and configure the systems network architecture remote procedure call (SNA RPC) service … Read more