Computer code posted over the weekend can crash vulnerable computers by exploiting a Windows flaw disclosed in October.

The exploit code takes advantage of a flaw Microsoft tagged as "critical." The bug lies in a Windows component for transaction processing called the Microsoft Distributed Transaction Coordinator, or MSDTC. Microsoft addressed the flaw in security bulletin MS05-051.

"Initial investigation of this exploit code has verified that successful exploitation could lead to a denial of service attack...and not remote code execution," a Microsoft representative said in a statement. In a denial of service attack a computer would crash, while remote code execution would mean the attacker has full control over a PC.

Users who have applied the MS05-051 patch are protected against exploitation of the flaw, Microsoft said. The patch has been available since Oct. 11, but some users have reported problems with applying the update.
http://news.com.com/Attack%20code%20...4290&subj=news
Attack code out for 'critical' Windows flaw | CNET News.com