Microsoft Security Advisory (951306): Vulnerability in Windows Could Allow Elevation of Privilege

Microsoft is investigating new public reports of a vulnerability which could allow elevation of privilege from authenticated user to LocalSystem, affecting Windows XP Professional Service Pack 2 and all supported versions and editions of Windows Server 2003, Windows Vista, and Windows Server 2008. Customers who allow user-provided code to run in an authenticated context, such as within Internet Information Services (IIS) and SQL Server, should review this advisory. Hosting providers may be at increased risk from this elevation of privilege vulnerability.

Microsoft Security Advisory (951306): Vulnerability in Windows Could Allow Elevation of Privilege

Blogged with the Flock Browser