If you visit the MSDN Security Developer Center, you’ll see a headline dealing with a published exploit we’re tracking that takes advantage of an issue from MS04-011. Read the information page for the full scoop, but the bottom line is this: If you’re running a Web server, you should patch your machines as soon as possible. If you are still evaluating the patch, you should disable PCT support through the registry as described on the page we’re linking to and in KB Article 187498.
Information about code that attempts to exploit PCT in SSL
Microsoft is aware of reports of code available on the Internet that seeks to exploit certain issues addressed in our April 13 security updates. This so-called exploit code affects the Private Communications Transport (PCT) protocol, which is part of the Microsoft Secure Sockets Layer (SSL) library.