The Graphics Rendering Engine in Microsoft Windows 2000 and Windows XP maps GDI Kernel structures on a global shared memory section that is created with insecure permissions.
Users with local access can remap the shared section, and overwrite kernel structures in a controlled manner leading to the execution of code with SYSTEM level privileges.
Apply the patch referenced in Microsoft Security Bulletin 07-017.
A current connection must exist with the target.
This exploit will elevate the priviliges of the current connection to SYSTEM.
Windows 2000 / Windows XP