Security experts have found a new way to exploit a known buffer overrun flaw in Windows Workstation Service. Microsoft Corp. issued a patch for the vulnerability in November and listed several workarounds. But penetration testers at Core Security Technologies discovered that one of the workarounds still lets malicious packets reach Workstation Service.
If you havent applied the patch youre still vulnerable. You can get it at www.microsoft.com/technet/treeview/?url=/technet/security/bulletin/MS03-049.asp.