Microsoft were told that exploit code is available through third party fee-based security offerings that targets an issue addressed this week by Microsoft Security Bulletin MS05-051 and Microsoft Security Bulletin MS05-046.
Stephen Toulouse blogged today in Microsoft Security Responce Center Blog:
“The good news is that we’re not aware at this time of any exploit code being available publicly. Currently we’ve been told the exploit code is only available through third party fee-based security offerings. We’re not currently aware of active attacks that use this exploit code or of customer impact at this time.
But as always, the MSRC is actively monitoring this situation to keep customers informed and to provide customer guidance as necessary.
This just illustrates the danger out there however and we want to reiterate: if you are running the older versions of the operating systems, like Windows 2000, we strongly urge you to deploy the critical updates for that platform, like MS05-051, as soon as possible!.”