MS08-025: Microsoft Windows kernel vulnerable to local privilege escalation flaw

Written by Nathan McFeters, Contributor

From Microsoft: 

A local attacker who successfully exploited this vulnerability could take complete control of an affected system.  An attacker could then install programs; view, change, or delete data; or create new accounts.  This is an important security update for all supported editions of Windows 2000, Windows XP, Windows Server 2003, Windows Vista and Windows Server 2008.  This security update addresses the vulnerability by modifying the way that the Windows kernel validates inputs passed from user mode.  Updates are available for the affected software.

Mmmmm that's tasty.  Don't underestimate this one... getting user-level access to a system is easier than one thinks... especially in a corporate environment.  A regular user might be able to gain legitimate access to a more important system as a user, through privileges provided by the domain controller, and then utilize this to gain admin privileges.  Perhaps dump the creds on that system, maybe get a cached domain admin credential, and now you own the entire network.

To make it worse, exploit code is already publicly available from a couple of sources (listed on SecurityFocus):

The following exploit is available to members of the Immunity Partner's Program:

https://www.immunityinc.com/downloads/immpartners/ms08_025.tgz

The following proof-of-concept code and exploit are available:

Good thing Microsoft patched this one a while back, but I would double-check that you are up to date now that the exploit code is public.
