On November 14th, Microsoft released the security bulletin MS06-070, regarding a critical vulnerability in the Workstation service. This vulnerability can be exploited across the Internet, by sending specially crafted network messages to a vulnerable Windows XP/2000 computer.

There already exists a PoC (detected as WKSSVC) that exploits this vulnerability. This means we could be facing a real piece of malware using it in the near future (or not…).

As we mentioned in previous posts, this seems to be the "vulnerabilities quarter", so we expect some news about them.

You can find more information at the Malware Encyclopedia.

How lucky that you had already patched your computer…