CVE-2006-5585

Name of the Vulnerable Software and Affected Versions: Microsoft Windows versions prior to the fixed version Microsoft Windows XP SP2 Microsoft Windows Server 2003

Description: A privilege elevation issue exists in the way Microsoft Windows starts applications with specially crafted file manifests. This could allow a logged-on user to gain complete control of the system. The issue is related to the Client-Server Run-time Subsystem.

Recommendations: For Microsoft Windows XP SP2, update to a version that includes the fix for this issue. For Microsoft Windows Server 2003, apply the necessary patch or update to resolve the issue. As a temporary workaround, consider restricting access to specially crafted file manifests within applications until a patch is available.