April 23, 2004 — (WEB HOST INDUSTRY REVIEW) — A report by research and analysis firm Netcraft (netcraft.com) says code has been published on The Hackers Choice Web site that can be used by attackers to gain access to unpatched Microsoft secure servers. The code exploits a PCT (personal communications technology) vulnerability in Windows SSL, detailed in Microsoft security update MS04-011. The PCT and SSL 2.0 protocols targeted by the exploit code are enabled by default in Windows 2000 and Windows NT4.
The code has reportedly been downloaded 2,200 times.
The SANS Institute, a computer security organization, has warned administrators to install the security update, the report said.
