Reported November 11, 2003, by Microsoft.

 

 

 

VERSIONS AFFECTED

 

·         Windows XP, 64-Bit Edition

·         XP Service Pack 1 (SP1)

·         Windows 2000 SP2, SP3, and SP4

 

DESCRIPTION

 

A vulnerability in Windows can result in the execution of arbitrary code under the system security context on the vulnerable system. This vulnerability results from an unchecked buffer in the Workstation service.

 

VENDOR RESPONSE

 

Microsoft has released security bulletin MS03-049, "Buffer Overrun in the Workstation Service Could Allow Code Execution (828749)," to address this vulnerability and recommends that affected users immediately apply the appropriate patch listed in the bulletin.

CREDIT

 

Discovered by eEye Digital Security.