When Microsoft released MS08-067 an out-of-cycle patch, one of the standout inclusions was the recent Pre-Beta release of their new operating system Windows 7. The highly anticipated OS, which also comes as a source of debate for Vista fans, is affected by the same remote code execution vulnerability that affects all the other production platforms.
The patch centers on a vulnerability in the Server service, which is enabled by default on Windows 2000, Windows XP (all versions), and Windows Server 2003. The vulnerability is triggered if the system receives a malicious RPC request. Microsoft rushed to release this patch because of the off chance that this vulnerability could be used in the creation of a new worm variant. Other factors led to the rare patch release as well, including the fact that on Windows 2000, XP, and Server 2003 an attacker would need no prior authentication after triggering the malicious RPC request to run code on the targeted system.