October 13, 2005 -- US-CERT is aware of unconfirmed reports that there's an exploit for a vulnerability in the Microsoft Distributed Transaction Coordinator (MSDTC). Successful exploitation could allow a remote, unauthenticated attacker to execute arbitrary code on the system. US-CERT is also aware of increased scanning activity on port 3372/tcp, a port commonly used by this service.

More information about this vulnerability can be found in the following US-CERT Vulnerability Note:

* VU#180868 - Microsoft Distributed Transaction Coordinator vulnerable to buffer overflow via specially crafted network message

Microsoft has released an update to address this vulnerability in Microsoft Security Bulletin MS05-051. US-CERT encourages administrators to apply the appropriate updates, patches, or fixes as soon as possible.

Source: Wired News