Point yourself towards the Windows update site and you will see that Microsoft has released nine new security patches, including three critical fixes for Windows and Internet Explorer. As usual, I downloaded and installed them as soon as they were available. Some fixes concern Internet Explorer and Microsoft's DirectShow media streaming software. Yet another concerns the COM+ services included with Windows as well as the Microsoft Distributed Transaction Coordinator (MSDTC). Other fixes include patching the kinds of problems that left Windows users vulnerable to the kinds of attacks used by the Zotob family of worms.
Internet Security Systems' Neel Mehta, agreed that there were similarities between the PnP bug exploited by Zotob and MS05-051. "The scope of the affected platform is exactly the same and these services are run by default on Windows 2000," said Mehta. "In terms of ease of exploitation, they're not incredibly difficult to exploit, but they're not as easy as the Plug and Play vulnerability."