This is the Windows Server Update Services support team blog. We cover all things relating to WSUS and Windows Update.
Yesterday we released Security Advisory 979682 to address an Elevation of Privilege (EoP) vulnerability in the Windows kernel, affecting all currently supported versions of 32-bit Windows. 64-bit versions of Windows, including Windows Server 2008 R2, are not affected. The advisory provides customers with actionable guidance to help with protections against exploit of this vulnerability.
To exploit this vulnerability, an attacker must already have valid logon credentials and be able to log on to a system locally, meaning they must already have an account on the system. An attacker could then elevate their privileges to the administrative level and run programs of their choice on the system.
For all the details see http://www.microsoft.com/technet/security/advisory/979682.mspx
J.C. Hornbeck | System Center Knowledge Engineer