The Microsoft Blog notes that they are tracking a Proof of Concept exploit. It targets the Client Server Run-Time Subsystem. The blog states that initial indications are that you need to be authenticated before you can take advantage of it. It affects Windows 2000 SP4, Windows Server 2003 SP1, Windows XP SP1, Windows XP SP2 and Windows Vista.
If you have more info feel free to drop us a packet or two.
eEye has some information has some additional info on the exploit here.
ISC Handler on Duty
Dec 22nd 2006
1 decade ago