Xenophi1E

**Name of the Vulnerable Software and Affected Versions** Windows XP **Description** The issue allows local users to execute arbitrary code by sending specific button control messages to privileged applications. This can be achieved by sending (1) `BCM GETTEXTMARGIN` or (2) `BCM SETTEXTMARGIN` button control messages. **Recommendations** For Windows XP, consider restricting access to privileged applications until a fix is available. As a temporary workaround, avoid using the `BCM GETTEXTMARGIN` and `BCM SETTEXTMARGIN` button control messages in applications that use the CommCtl32.dll library.