- Remote code execution is released.
- The workaround from Microsoft.
- Why only Windows Vista, 2003, 2008 are vulnerable (including Windows 7 RC), but not XP/2000.
Here's a list of follow-ups that you may not know about yet:
- More than 10 versions of the exploit are available here (C, Perl, Python, Ruby, win32).
- Port of the BSOD code to Metasploit (instead of RCE).
- Winsock edition is here.
- SMBv2 vulnerability scanner (class B, C) in Python.
In addition, rumor says:
- Could be the same old vulnerability from back in 2007.
- Why Windows 7 RTM is not vulnerable:
"We found this issue independently through our fuzzing processes and implemented the fix into Windows 7 RTM (release to manufacturer) and Windows Server 2008 R2," the spokesperson says. "We're working to develop a security update for Windows Vista, Windows Server 2008 and Windows 7 RC."