i tested the IIS5 SSL exploit from thc.org on a single machine (spec. installed for such testing)
and it's working fine.
it was really easy to compile, so it's in the wild.
this could be a VERY BIG problem for your IIS5 server if port 443 is open.
you should TURN IT OFF ..RIGHT NOW !!!

the lsass-thing from k.otic i can't test, missing a dll.
is any discussion about it at AO?

at governmentsecurity i found a interesting post (related to the ms04-11)
seen msblast.exe on a vuln machine :/ i think the worm come back through the hole
youu may browse the diary at SANS starting here:
http://isc.sans.org/diary.php?date=2004-04-21