Hackers have hit a vulnerability that Microsoft revealed last week.
With researchers identifying a new worm named Gimmiv by Friday, one hacker had posted an early sample of code that could be used to exploit the flaw on the web.
Microsoft had already seen a small number of attacks that exploited the flaw, which may be used to spread infections between machines on a local area network, which are not typically protected by firewalls as the vulnerability lies in the Windows Server service used to connect with other devices on networks.
Ben Greenbaum, a senior research manager with Symantec, said: “It is downloaded onto a target machine via social engineering and then proceeds to scan and exploit machines on the same network, using this newly disclosed vulnerability in the Server service.
Symantec claimed that it saw a 25 percent jump in network scans looking for potentially vulnerable machines despite the flaw being patched very quickly. Greenbaum predicted that the attack code could be used to build botnet networks of infected computers.