Users who have not yet installed the latest security updates from Microsoft could be vulnerable to attack from a malicious software program...The exploit code targets a vulnerability in the Remote Access Connection Manager (rasman) service, used by Windows to create network connections over the telephone...Hackers published the code on websites late last week, and it is now included in Metasploit, a hacking toolkit that is used by security researchers and criminals alike...Windows 2000 and Windows XP Service Pack 1 users need to be wary because they could be the victims of particularly nasty attacks that do not require authentication...