MS11-062：リモート アクセス サービス NDISTAPI ドライバーの脆弱性により、特権が昇格される (2566454)

This security update resolves a privately reported vulnerability in all supported editions of Windows XP and Windows Server 2003. This security update is rated Important for all supported editions of Windows XP and Windows Server 2003. Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2 are not affected by the vulnerability.

The vulnerability could allow elevation of privilege if an attacker logs on to an affected system and runs a specially crafted application designed to exploit the vulnerability and take complete control over the affected system. An attacker must have valid logon credentials and be able to log on locally to exploit this vulnerability. This update addresses the vulnerability by correcting the way that the NDISTAPI driver validates user mode input prior to sending it to the Windows kernel.