When is an exploit not an exploit?
When it has already been patched... take the brouhaha triggered by Symantec's "alert" to its subscribers about an alleged unpatched vulnerability in Windows 2000's file sharing protocol.
Scary words were used by various parties who picked up on the alert, and ran with it, including "unpatched vulnerability"... "zero day bug"... "Immunity will make the exploit public in June"...
"By Immunity" said "the exploit leverages a flaw in the operating system's kernel that can be triggered through SMB, and will give an attacker full access to the PC"
(cite: http://www.informationweek.com/news/showArticle.jhtml?articleID=188500259)
(cite: http://www.itnews.com.au/newsstory.aspx?CIaNID=33055)
Symantec said "Immunity is considered to be a reliable source and we are of the opinion that this information should be treated as fact," and "An official security update from Microsoft will likely not be in development until after June when the information is released."
(cite: http://www.informationweek.com/news/showArticle.jhtml?articleID=188500259)
(cite: http://www.itnews.com.au/newsstory.aspx?CIaNID=33055)
But then.... Microsoft said:
"We just want to let everyone know that we've investigated this claim and found the vulnerability being discussed is fixed by MS05-011, a security update released almost 16 months ago. We contacted our partners on this and made sure they understood this is not new. What *is* new is that someone reportedly has found a different way to exploit the vulnerability. But if you have the update, you're protected."
(cite: http://blogs.technet.com/msrc/archive/2006/05/25/430278.aspx)
Oops....