Microsoft Security Advisory 951306 - 6 month old unpatched XP SP3 and Vista SP1 vulnerability code

Microsoft published an advisory (951306) informing Windows users of a new vulnerability which could allow elevation of privilege from authenticated user to LocalSystem, affecting Windows XP Professional Service Pack 2, Windows XP Professional Service Pack 3, and all supported versions and editions of Windows Server 2003, Windows Vista, and Windows Server 2008. Customers who allow user-provided code […]

Microsoft published an advisory (951306) informing Windows users of a new vulnerability which could allow elevation of privilege from authenticated user to LocalSystem, affecting Windows XP Professional Service Pack 2, Windows XP Professional Service Pack 3, and all supported versions and editions of Windows Server 2003, Windows Vista, and Windows Server 2008. Customers who allow user-provided code to run in an authenticated context, such as within Internet Information Services (IIS) and SQL Server, should review this advisory. Hosting providers may be at increased risk from this elevation of privilege vulnerability.

“Exploit code has been published on the Internet for the vulnerability addressed by this Advisory. Our investigation has shown that it does not affect customers who have applied the workarounds listed in the Advisory.

At this time, we are not aware of attacks attempting to use the vulnerability, ,” writes Bill Sisk.

Source:→ Softpedia

About The Author

Deepak Gupta is a IT & Web Consultant. He is the founder and CEO of diTii.com & DIT Technologies, where he's engaged in providing Technology Consultancy, Design and Development of Desktop, Web and Mobile applications using various tools and softwares. Sign-up for the Email for daily updates. Google+ Profile.