Microsoft addresses 'Remote Code Execution' vul in AD on Windows 2000 Server and Server 2003

Microsoft has released an security update to address a vulnerability in Active Directory that resolves two privately reported vulnerabilities in implementations of Active Directory on Microsoft Windows 2000 Server and Windows Server 2003, and Active Directory Application Mode (ADAM) when installed on Windows XP Professional and Windows Server 2003. The more severe vulnerability could allow remote […]

Microsoft has released an security update to address a vulnerability in Active Directory that resolves two privately reported vulnerabilities in implementations of Active Directory on Microsoft Windows 2000 Server and Windows Server 2003, and Active Directory Application Mode (ADAM) when installed on Windows XP Professional and Windows Server 2003. The more severe vulnerability could allow remote code execution. An attacker who successfully exploited this vulnerability could take complete control of an affected system remotely. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

More infoMicrosoft Security Bulletin MS09-018