"Software engineers at Microsoft will .. hear about an unpatched Windows
security hole that was once pooh-poohed as a "design issue" that
shouldn't be seen as a security vulnerability"

"The technique exploits design weaknesses in Microsoft Windows XP,
Windows Server 2003, Windows Vista, and even Windows Server 2008"

"Specially crafted code running in the context of the NetworkService or
LocalService accounts may gain access to resources in processes that are
also running as NetworkService or LocalService.

Some of these processes may have the ability to elevate their privileges
to LocalSystem, allowing any NetworkService or LocalService processes to
elevate their privileges to LocalSystem as well"

http://snipurl.com/25nu6
http://securitywatch.eweek.com/micro..._burner_1.html