http://blogs.technet.com/srd/archive/2009/04/14/ms09-012-fixing-token-kidnapping.aspxThis morning we released MS09-012, an update to address the publicly-disclosed issue commonly referred to as Token Kidnapping ( http://www.argeniss.com/research/TokenKidnapping.pdf ). This vulnerability allows escalation from the Network Service accounten-USCommunityServer 2.1 SP1 (Build: 61025.2)