Microsoft late Wednesday warned Windows users that proof-of-concept code was in circulation for a vulnerability that could be remotely and anonymously exploited on Windows 2000 machines. Windows XP SP1 is somewhat less vulnerable, said Microsoft.
The security advisory gave out few details of the vulnerability, only saying that it was a flaw in the RPC (Remote Procedure Call) component, and could result in a denial-of-service attack that would crash affected computers.
"On Windows XP Service Pack 1, an attacker must have valid logon credentials to try to exploit this vulnerability," Microsoft said in the advisory. Windows 2000, however, can be attacked remotely. That aged operating system has been victimized by several vulnerabilities which have singled it out for attack since mid-year, including August's Zotob campaign.
Windows XP SP2, Windows Server 2003, and Windows Server 2003 SP1 are immune to attack.
As far as Microsoft knows, there have been no attacks using the exploit, but the whole matter is under investigation. It may release a security update to fix the flaw in the future, the company said, though as always it wouldn't commit to doing so.
Microsoft offered up no specific advice for blocking a possible attack, and only said "Firewall best practices and standard default firewall configurations can help protect networks from attacks that originate outside the enterprise perimeter."
Typically when Microsoft issues a security advisory, it offers up mitigation tactics or advice on how to stymie an attack.