Windows ACL Privilege Escalation - New Exploit Developed

System administrators should review this exposure carefully if they are using older versions of XP.  Moving to XP SP2 is beneficial as it offers a number of security improvements.  Companies should test their applications to ensure they are compliant as the stricter levels of security could create issues for poorly written applications.  Still, upgrading to SP2 is worthwhile and goes smoothly in most cases. 

Microsoft Windows Service ACLs Local Privilege Escalation Vulnerability
http://www.frsirt.com/english/advisories/2006/0417

Technical Description: A vulnerability has been identified in Microsoft Windows, which could be exploited by malicious users to obtain elevated privileges. This flaw is due to insecure default access controls where the "Authenticated Users" group is granted permissions to modify Simple Service Discovery Protocol (SSDP) and Universal Plug and Play Device Host (UPnP) service configurations, which could be exploited by local unprivileged attackers to change the default binary that is associated with an affected service and execute malicious programs with elevated privileges.

Solution: Upgrade to Microsoft Windows XP SP2 or Microsoft Windows Server 2003 SP1, or change the default ACLs:

http://www.microsoft.com/technet/security/advisory/914457.mspx