Only days after Microsoft released its monthly security bulletins for October exploits have been released that take advantage of three of the associated vulnerabilities. Albert Galacia ([email protected]) released code that takes advantage of the FTP directory traversal problem cited in Microsoft bulletin MS05-044, Gary O'Leary-Steele ([email protected]) released code that takes advantage of the Collaboration Objects vulnerability (MS05-048), and bkbll ([email protected]) released code that takes advantage of the Network Connection Manager vulnerability (MS05-045).
An exploit for the vulnerability in Microsoft Data Transaction Coordinator (MSDTC) also exists, however that code has not been released to the public. However, it is likely that someone will release such an exploit in the near future, possibly in the form of worm or Trojan. MSDTC listens on port 3372 and not so surprisingly port scanning activity for that port has risen sharply since the release of Microsoft's related bulletin, MS05-051.