On August 8, 2006 Microsoft released Security Bulletin MS06-040 which addressed a critical issue in the Server Service that allows for remote code execution on vulnerable systems. The vulnerable service listens on TCP ports 139 and 445, and is enabled by default on all Windows systems.
This vulnerability was being exploited in the wild as a “zero day” attack previous to Microsoft´s patch release. Due to this existing threat, and also because of the potential for remote compromise of most Windows operating systems, eEye has created a free tool to scan machines for this critical vulnerability. The sooner that vulnerable machines are identified and patched, the smaller the possibility will be of a successful Internet worm attack.
The tool will scan multiple addresses at once to determine if any are vulnerable to the Server Service flaw reported in the Microsoft Bulletin MS06-040. If an IP address is found to be vulnerable, the Retina MS06-040 NetApi32 Scanner will flag that IP address.