Microsoft issued an advisory today warning administrators that intruders might be able to gain system-level privileges. The issue is particularly dangerous for hosting companies that rely on Internet Information Services (IIS) and SQL Server.
According to Microsoft, "specially crafted code running in the context of the NetworkService or LocalService accounts may gain access to resources in processes that are also running as NetworkService or LocalService. Some of these processes may have the ability to elevate their privileges to LocalSystem, allowing any NetworkService or LocalService processes to elevate their privileges to LocalSystem as well \[...\] User-provided code running in IIS - for example ISAPI filters and extensions - and ASP.NET code running in full trust may be affected by this vulnerability \[...\] SQL Server is affected if a user is granted administrative privileges to load and run code."
Other inroads are possible depending on various cirumstances. The problem affects Windows XP Pro SP2, Windows Vista, Windows Server 2003, and Windows Server 2008 if those systems are using IIS and SQL Server. Microsoft said that it could potentially release a security patch in the future, however in the meantime the company suggests several workarounds which are outlined in its related advisory.
