Reported November 11, 2003, by Microsoft.
· Windows XP, 64-Bit Edition
· XP Service Pack 1 (SP1)
· Windows 2000 SP2, SP3, and SP4
A vulnerability in Windows can result in the execution of arbitrary code under the system security context on the vulnerable system. This vulnerability results from an unchecked buffer in the Workstation service.
Microsoft has released security bulletin MS03-049, "Buffer Overrun in the Workstation Service Could Allow Code Execution (828749)," to address this vulnerability and recommends that affected users immediately apply the appropriate patch listed in the bulletin.
Discovered by eEye Digital Security.