kernel bug not patched for over 2 years (but fixed in Vista and 2003)
or maybe designed differently in these newer versions?
microsoft windows kernel gdi local privilege escalation
a vulnerability in the handling of gdi kernel structures of microsoft windows leads to an exploitable memory corruption condition, causing a denial of service (so-called bsod) or arbitrary code execution on successful exploitation. this would allow a local user to escalate privileges, gaining full control of the system.
as part of the month of kernel bugs, mokb:
and our mirror to their main page: