Exploit code has been released for three recent Microsoft vulnerabilities.

These vulnerabilities relate to server operating systems, and are usually not enabled by default - ASP/IIS and "Mailslots" being the affected services. The third vulnerability is in the DHCP server, which is only exploitable locally. These vulnerabilities are all patched, and the patches should be applied as soon as is reasonably possible. In the interim, firewall based protection can mitigate attacks.

See also: Sans report