Rogue code has been posted on the internet that could exploit a
flaw in unpatched
Microsoft Host Integration Servers.
The exploit forms part of
Metasploit, a toolkit
used by
penetration testers and criminal hackers.
This Tuesday,
Microsoft issued security bulletin MS08-059 to address the
vulnerability posed to host servers.
Microsoft said the the vulnerability could allow remote code
execution "if an attacker sent a specially crafted remote procedure
call request to an affected system".
Redmond said the patch was a priority for system administrators.
The rogue code could, however, be used by hackers before some
organisations have time to check the suitabality of the patch for
their systems.