A security researcher has released proof-of-concept code for an unpatched security vulnerability affecting all versions of Windows. The vulnerability was identified in the BROWSER protocol. Microsoft has not yet issued a formal security advisory with mitigation guidance or workarounds. The issue is more likely to affect server systems running as the Primary Domain Controller (PDC) A more risk attack scenario would be denial of service attacks, Microsoft’s Mark Wodrich said. He warned that remote code execution (highest severity) may be possible in certain circumstances.
Source: https://thehackernews.com/2011/02/microsoft-confirms-windows-browser.html