More attack code surfaces for recent MS security holes - Computerworld

More attack code surfaces for recent MS security holes - Computerworld: "Just days after Microsoft Corp. warned its customers about the release of code that can exploit a hole in its Secure Sockets Layer (SSL) library, new code that claims to exploit another recently disclosed hole surfaced on a French-language Web site.
The computer code can be used by a remote attacker to trigger a buffer overrun vulnerability in the Local Security Authority Subsystem (LSASS), according to a message posted to www.k-otik.com. Microsoft released a patch for the LSASS vulnerability, MS04-011, on April 13, along with fixes for the SSL problem and a number of other vulnerabilities (see story). "