Exploit is in the wild for one of the bugs reported in MS04-011, according to the ISC Handler. The only corobration I've found is from from this source. Exploits the SSL bug in the patch.