There is a flaw in the way the kernel passes error messages to a debugger. A vulnerability results because an attacker could write a program to exploit this flaw and run code of their choice. An attacker could exploit this vulnerability to take any action on the system including deleting data, adding accounts with administrative access, or reconfiguring the system.
If you restrict access between different users of your computer, you should install this update. If you are the only person who uses your computer, or if you do not use passwords or other measures to limit access to accounts on your computer, it is not important that you install this update.
Affected Software:
- Microsoft Windows NT 4.0
- Microsoft Windows NT 4.0 Server, Terminal Server Edition
- Microsoft Windows 2000
- Microsoft Windows XP
Download: Patch for Windows 2000
Download: Patch for Windows XP
View: Download locations for other OS's
News source: Microsoft Security Bulletin MS03-013