• Microsoft Windows 2000 Service Pack 4
• Microsoft Windows Server 2003 Service Pack 1
• Microsoft Windows Server 2003 Service Pack 2
• Microsoft Windows Server 2003 with SP1 for Itanium-based Systems
• Microsoft Windows Server 2003 with SP2 for Itanium-based Systems
• Microsoft Windows Server 2003 x64 Edition
• Microsoft Windows Server 2003 x64 Edition Service Pack 2
• Microsoft Windows XP Professional x64 Edition
• Microsoft Windows XP Professional x64 Edition Service Pack 2
• Microsoft Windows XP Service Pack 2
• Microsoft Windows XP Service Pack 3
• Windows Server 2008 for 32-bit Systems
• Windows Server 2008 for Itanium-based Systems
• Windows Server 2008 for x64-based Systems
• Windows Vista
• Windows Vista Service Pack 1
• Windows Vista x64 Edition
• Windows Vista x64 Edition Service Pack 1

This vulnerability in Microsoft Windows Event System could allow a malicious user who successfully exploits this vulnerability could take complete control of an affected system, and may therefore be able to install programs; view, change, or delete data; or create new accounts with full administrative rights.

Patches for this vulnerability can be downloaded on this Microsoft Web page.

Microsoft recommends unregistering es.dll, as well as stopping and disabling the System Event Notification and COM+ Event System services. Alternatively, the user can also modify the Access Control List on es.dll to help protect against this attack. More details regarding these workarounds may be found on this Microsoft Web page.