The attack uses a vulnerability that Microsoft described in security bulletin MS06-040. It describes a buffer overflow vulnerability in the Windows Server component, affecting Windows 2000, Windows XP and Windows Server 2003.
The exploit only works on systems running Windows 2000 or Windows XP without any service packs. Most Window XP systems run service pack 2.
Attackers can contact the affected component through TCP ports 139 and 445. Both ports are used for NetBIOS sessions including Windows File and Printer sharing.
The exploit prompted the US Department of Homeland Security to issue a press release urging users to apply Tuesday's patch.
Few security experts were surprised by the speed at which online criminals started exploiting the vulnerability.
Bojan Zdrnja with the SANS Internet Storm Center and a security researcher for the University of Auckland warned that the code will cause more widespread attacks as less sophisticated virus writers start creating copy-cat malware.
"It's just a matter of time when script kiddies will start using this, if they haven't already," said Zdrnja.
"We can expect that this exploit will soon be added to the attack arsenal of bots such as Sdbot and similar. In other words – patch!"
The MS06-040 exploit marks the first attack new following this week's Microsoft patch release.
The patch plugged 23 security vulnerabilities, 11 of which were actively being exploited at the time of the release.
Cotton seedling freezes to death as Chang'e-4 shuts down for the Moon's 14-day lunar night
Fortnite easily out-earns PUBG, Assassin's Creed Odyssey and Red Dead Redemption 2 in 2018
Meteor showers as a service will be visible for about 100 kilometres in all directions
Saturn's rings only formed in the past 100 million years, suggests analysis of Cassini space probe data
New findings contradict conventional belief that Saturn's rings were formed along with the planet about 4.5 billion years ago