Security 10748 Published by

InfoWorld reports that it took less than 24 hours for attackers to crank out proof-of-concept code targeting the one critical vulnerability disclosed -- and patched -- Tuesday morning by Microsoft



Early Wednesday, analysts with Symantec's DeepSight threat network alerted customers of JavaScript exploit code for the critical vulnerability in Windows 2000 that was revealed in Microsoft's monthly patch cycle. The proof-of-concept was posted to the Internet by someone with a Brazilian e-mail address. An hour-and-a-half later, Symantec updated its alert to say that additional exploit code was also available to users of Immunity's popular CANVAS penetration testing ("pentest") software.
Exploit code appears for Microsoft Agent bug