Exploit code posted on the recent vulnerability addressed by MS06-025

Hi everyone, Stephen Toulouse here.  We’ve see that detailed exploit code has been published on the Internet for the vulnerability addressed by Microsoft security bulletin MS06-025.  So per the usual when something like this happens so quickly after release we wanted to highlight that fact, and let you know that we’re not currently aware of any active attacks utilizing this exploit code at this time.  But the MSRC is monitoring this situation to keep customers informed and to provide customer guidance as necessary.

We have confirmed that the exploit code does not affect users who have installed the update detailed in MS06-025 on their computers.  So we continue to recommend that customers apply the that update. In addition, We’ve posted a security advisory regarding this issue to provide additional guidance.  The security advisory can be found at the following location:

 We’ll certainly keep an eye out on this issue and keep you posted if we see anything further.




*This posting is provided “AS IS” with no warranties, and confers no rights.*