Is this true: http://www.eweek.com/article2/0,3959,1196496,00.asp **there is a working exploit for this vulnerability but that it has not been released yet.**