A flaw was discovered by a member of the Microsoft Active Protections Program network.This vulnerability affect Windows XP and Server 2003. It was found in the nucleus of Microsoft Windows. It allows an attacker to cause elevation of privilege. The vulnerability relates NDProxy driver that allows the interface between operating systems and NDISWAN Condis WAN with TAPI services. Microsoft says that these attacks are targeted and limited. The user must open a malware as a PDF file. Being a privilege elevation vulnerability, Microsoft said that the danger of this fault is less, because it does not allow remote code execution.
The company FireEye found this vulnerability shows how to prevent outside intrusion. Must update the latest version of Adobe Reader and upgrade to Microsoft Windows 7 or higher, since the system is no longer relevant from Windows Vista. The vulnerability affects Adobe Reader 9.5.4 for versions 10.1.6, 11.0.02 and earlier on Windows XP SP3. Microsoft says, pending a patch, disable NDProxy.sys from the base register but in this case, remote access, network and remote access virtual private network will not work.