The hacker, using the name "Dark Spyrit", released the program that is designed to exploit the security hole. It allows someone with limited technical knowledge to exert complete control over a Windows 2000 server running version 5 of Microsoft's Internet Information Server (IIS) Web software.
Microsoft said that the security hole was an "extremely serious" flaw. The vulnerability, which is caused by an unchecked buffer in an extension that provides support for Internet printing capabilities within Windows 2000, was uncovered and reported to Microsoft by security vendor eEye.
Marc Maiffret, eEye's chief hacking officer, said an attacker could gain system-level access to servers, enabling them to view all files and execute any commands, and warned the threat was just as acute to a Fortune 100 company as a small operator.
Maiffret also predicted that instructions to take advantage of the hole would be "developed and shared by would-be attackers" within a matter of days.
"There are at least a million Web servers sitting on the Internet that, within a few minutes, you can get system level access to," he added.
A spokesman for Microsoft said the emergence of the code came as no surprise. "Customers who have applied the patch don't have to worry. Customers who haven't applied the patch should take this as a reminder to do so immediately."