Hi,
There is two issue related to (MS06-035), and I believe you are referring specifically to this part of the issue :
http://tools.cisco.com/MySDN/Intelligence/viewThreat.x?threatId=5055
CVE-2006-1315 Vulnerability in Server Driver Could Allow Remote Code Execution
Unfotunately, there is not enough public information to write a signature with sufficient fidelity for this. If a public exploit is released however we will provide an exploit specific signature.
Regards,
Eric