Thought people would like to be advised. Kindest Regards Barry Murphy Subject: Windows 2000/XP Remote exploit - High Severity Dear Barry Murphy, Summary ------- Products affected: Windows 2000/Windows XP Severity: High (Remote Execution) Ports: 139,445 (TCP) Patch: http://www.microsoft.com/technet/security/bulletin/MS03-049.asp Read more: http://www.eeye.com/html/Research/Advisories/AD20031111.html Discovered by: EEYE Digital Security EEYE Digital Security has discovered a bug in the Windows Workstation Service. This bug can lead to the remote exploitation of any Windows 2000 or Windows XP machines. The attacker needs access to ports 139/445. These ports are by default open on a Windows 2000 or XP host. SensePost has access to a proof of concept script that will determine if a host is vulnerable. For more information about the script please contact research(a)sensepost.com. Let's get this hole plugged before the next worm comes along. Regards, SensePost Research Team. ======================================================= SensePost Research research(a)sensepost.com http://www.sensepost.com (tel) +27 12 667 4737 =======================================================