To attempt an exploit, an attacker may require access to trusted, internal network segments. In addition, because affected systems may accept network messages only from trusted replication partners, the attacker may have to spoof the source of malicious messages, which increases attack complexity. If an exploit is successful, the attacker could execute arbitrary code with the elevated privileges of the WINS Server, possibly resulting in a complete system compromise.
The WINS Server is not installed by default on Windows 2000. Only systems with the component installed are vulnerable to exploitation.
The Cisco Applied Intelligence team has created an Applied Mitigation Bulletin to address vulnerabilities that Microsoft disclosed in the August 2009 security bulletin release. This Cisco bulletin, which assists administrators in identifying or mitigating these vulnerabilities using Cisco devices, is available at the following link: Cisco Applied Mitigation Bulletin: Microsoft Security Bulletin Release for August 2009
The update available from Microsoft corrects this vulnerability by performing proper boundary checks on data structures.