06.160.2009 - MS09-026 - Important: Vulnerability in RPC Could Allow Elevation of Privilege (970238)

Bulletin Severity Rating:Important - This security update resolves a publicly disclosed vulnerability in the Windows remote procedure call (RPC) facility where the RPC Marshalling Engine does not update its internal state appropriately. The vulnerability could allow an attacker to execute arbitrary code and take complete control of an affected system. Supported editions of Microsoft Windows are not delivered with any RPC servers or clients that are subject to exploitation of this vulnerability. In a default configuration, users could not be attacked by exploitation of this vulnerability. However, the vulnerability is present in the Microsoft Windows RPC runtime and could affect third-party RPC applications. - View Microsoft Security Bulletin MS09-026 - View Microsoft Knowledge Base Article - 970238 - Visit Microsoft Corporation