Microsoft Security Advisory 951306 - Calendar Of Updates(情報元のブックマーク数)

MicrosoftIISSQL Serverが入っているサーバでローカルの権限が上昇する脆弱性に対してセキュリティアドバイザリを出しました

Microsoft is investigating new public reports of a vulnerability which could allow elevation of privilege from authenticated user to LocalSystem, affecting Windows XP Professional Service Pack 2, Windows XP Professional Service Pack 3, and all supported versions and editions of Windows Server 2003, Windows Vista, and Windows Server 2008. Customers who allow user-provided code to run in an authenticated context, such as within Internet Information Services (IIS) and SQL Server, should review this advisory. Hosting providers may be at increased risk from this elevation of privilege vulnerability.