Reported July 13, 2004, by Microsoft
A privilege-elevation vulnerability exists in the POSIX OS subsystem. Although this vulnerability is not exploitable remotely, a potential attacker who successfully exploited the vulnerability could take complete control of an affected system.
Microsoft has released bulletin MS04-020, "Vulnerability in POSIX Could Allow Code Execution (841872)," to address this vulnerability and recommends that affected users apply the appropriate patch listed in the bulletin.
Discovered by Rafal Wojtczuk.