Matthew Amdur

**Name of the Vulnerable Software and Affected Versions** Microsoft Windows versions prior to XP SP3 and Server 2003 SP2 **Description** A remote code execution issue exists due to the way the Server service handles certain network messages. An attacker could exploit this by sending a specially crafted network message to a system running the Server service as an authenticated user. Successful exploitation could result in complete control of the affected system, although it will most likely cause a Denial of Service condition. **Recommendations** For Windows 2000 SP4, Server 2003 SP1 and earlier, and XP SP2 and earlier, apply the necessary patch or update to a newer version to resolve the issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.