With many companies still using Windows 2000, unpatched systems could lead to a new worm epidemic... something cheery to contemplate this weekend!
The MS05-051 bulletin, which shipped as part of Microsoft Corp.'s October batch of patches, includes fixes for four different Windows flaws, one of which is considered a major worm hole in the enterprise-heavy Windows 2000 operating system.

That bug, an unchecked buffer in the MSDTC (Microsoft Distributed Transaction Coordinator), could be exploited by a remote unauthenticated user to take complete control of an unpatched system.

"That one is really easy to exploit," said Marc Maiffret, co-founder and chief hacking officer at eEye Digital Security, the private research outfit that discovered and reported the vulnerability to Microsoft.
[eWeek]