Exploit code for MS05-016 Available

Proof of Concept code is now available for ms05-016, the Windows Shell remote code execution vulnerability.
The code when compiled runs notepad.exe. Bad guys can likely use this to contruct their own versions for a email virus. The vulnerability is related to how the OS handles unregistered file types.
Doc, pdf,pif etc are examples of registered file types. An unregistered file type is anything else. So if I create a file with extension D0C (thats a zero), it may look like an expected word document, but its really the exploit.
Further anyone whose email antivirus is stuck in the stone age scanning specific file types only wont even scan this in inbound email. People who rely on blocking “dangerous” file types to fill in the gap from exploit release to virus definition update will be out of luck unless they choose to whitelist a few specific extensions instead of relying on blacklists. is.