kernel bug not patched for over 2 years (but fixed in Vista and 2003)

or maybe designed differently in these newer versions?

microsoft windows kernel gdi local privilege escalation

a vulnerability in the handling of gdi kernel structures of microsoft windows leads to an exploitable memory corruption condition, causing a denial of service (so-called bsod) or arbitrary code execution on successful exploitation. this would allow a local user to escalate privileges, gaining full control of the system.

as part of the month of kernel bugs, mokb:

and our mirror to their main page:

gadi evron,