Fully functional exploit code for the (still unpatched) Windows SMB v2 vulnerability has been released to the public domain via the freely available Metasploit point-and-click attack tool, raising the likelihood for remote in-the-wild code execution attacks.
The exploit, created and released by Harmony Security's Stephen Fewer, provides a clear roadmap for hackers to plant malware or open backdoors on Windows Vista Service Pack 1 and 2 as well as Windows 2008 SP1 server.

The release of the public exploit puts Microsoft under serious pressure to complete its patch-testing process and release a fix to head off in-the-wild attacks.

According to Microsoft's Johnathan Ness, the company's security response team has already completed more than 10,000 separate test cases in their regression testing and are currently doing "stress testing, 3rd-party application testing, and fuzzing."

The link for this article located at ThreatPost is no longer available.