The remotely exploitable buffer-overrun flaw was addressed in Microsoft Security Bulletin and allows malicious attackers to take complete control of compromised systems. The flaw allows attackers to create new user accounts, install programs and view, modify or delete data and is considered by security analysts to be the most serious of the seven "critical" flaws disclosed by Microsoft this month.

"Microsoft is aware that detailed exploit code was published on the Internet claiming to exploit the vulnerability in the Workstation Service addressed by MS06-070," the company said in an e-mailed statement. Security Engineers at the Microsoft Security Response Center are currently investigating the accuracy of this claim, and the company will issue a security advisory "as soon as possible," the note said.

The company also stressed that the vulnerability is critical only on Windows 2000 systems.

Amol Sarwate, manager of the vulnerability management lab at security vendor Qualys Inc., said his company so far has seen at least two examples of exploit code targeted at the Workstation Service vulnerability. Qualys is in the process of testing one of the exploits to see how effective it really is, he said.

"What this highlights is just how quickly exploits are becoming available" for new vulnerabilities, said Sarwate. "So far, there has not been any evidence of a virus or a mass worm taking advantage of the [workstation service] exploit, but it is only a matter of time" before that happens, he said.