CVE-2009-2523

Name of the Vulnerable Software and Affected Versions Microsoft Windows 2000 SP4

Description The issue allows remote attackers to execute arbitrary code via a specially crafted RPC message, which triggers a heap-based buffer overflow. This can be exploited by sending a specially crafted network message to a computer running the License Logging service, allowing an attacker to take complete control of the system. The exploitation does not require authentication.

Recommendations For Microsoft Windows 2000 SP4, consider disabling the License Logging Server service until a patch is available to prevent exploitation. Restrict access to the LlsrLicenseRequestW method to minimize the risk of exploitation. Avoid using the License Logging service in untrusted networks until the issue is resolved.