MS10-084: Vulnerability in Windows Local Procedure Call Could Cause Elevation of Privilege (2360937)
High Nessus Plugin ID 49961
SynopsisArbitrary code can be executed on the remote host through its LRPC facility.
DescriptionThe LRPC implementation on the remote host has a vulnerability in the way the local LRPC server handles specially crafted LPC messages.
A locally, authenticated user could exploit this flaw to elevate his privileges to the NetworkService account.
SolutionMicrosoft has released a set of patches for Windows XP and 2003.