Advisory with Information on Exploit Code for MS06-040

Hey folks – Mike Reavey here, providing you with a quick update on MS06-040.  This morning we released Security Advisory 922437 because we’re aware of exploit code that has been published on the Internet for the vulnerability that is addressed by Microsoft security bulletin MS06-040. We’ve verified that this exploit code can allow remote code to execute on Windows 2000 and Windows XP Service Pack 1 only.  In its current state, this code does not affect Windows XP Service Pack 2, Windows Server 2003, or Windows Server 2003 Service Pack 1. Also, we’ve verified that this exploit code does not affect customers who have installed the MS06-040 update on their systems.

We continue to recommend that customers apply the updates to the affected products, either by enabling the Automatic Updates feature in Windows or by using the deployment infrastructure in their enterprise or small business, and that they restart their systems.

As a reminder, Microsoft is aware of very limited, targeted attacks that exploited the vulnerability prior to the release of the update, but we’re not currently seeing broad attacks that use this newly posted exploit code, or additional customer impact, at this time. However, we continue to actively monitor this situation with our Microsoft Security Response Alliance partners and will keep customers informed and provide customer guidance as necessary.


*This posting is provided “AS IS” with no warranties, and confers no rights.*