August 17, 2005 - (HOSTSEARCH.COM) - Microsoft released a security advisory today on the Win32/Zotob.A worm which effects a Windows Plug and Play vulnerability and can lead to code execution.
Microsoft was quick to point out that the worm has had a minimal impact on customers as the worm effects Windows 2000 systems only. However, backing off of this the company points out; it’s important to note that on Windows XP Service Pack 2 and Windows Server 2003 an attacker must have valid logon credentials and be able to log on locally to exploit this vulnerability.
The Redmond software giant also issued an admonishment to security firms:
"Microsoft is disappointed that certain security researchers have breached the commonly accepted industry practice of withholding vulnerability data so close to update release and have published exploit code, potentially harming computer users. We continue to urge security researchers to disclose vulnerability information responsibly and allow customers time to deploy updates so they do not aid criminals in their attempt to take advantage of software vulnerabilities."
