Microsoft late Tuesday confirmed the publication of exploit code for a serious code execution vulnerability in the File Transfer Protocol (FTP) Service in Microsoft Internet Information Services (IIS) 5.0, 5.1, and 6.0.
A security advisory from Redmond warned that the vulnerability could allow remote code execution on affected systems running the FTP service and connected to the Internet. Read the advisory [microsoft.com] See workaround information on the SR&D blog [technet.com]