Reported February 8, 2005 by Microsoft
A vulnerability in the way authentication information is validated could allow a remote intruder to discover the user names associated with open connections to shared resources.
Microsoft has released
Security Bulletin MS05-007, "Vulnerability
in Windows Could Allow Information Disclosure (888302),"
and a patch to correct the problem.
Jean-Baptiste Marchand of Herve Schauer Consultants