A flaw has been reported under the WINSRV.DLL library.

The flaw allows local users to have administrative priviledges on Microsoft Windows operating systems. After some analysis, it has been concluded that the flaw cannot be exploited on remotely via the internet.

The affected versions of Windows OSs are:
-2000 SP4
-2003 SP1
-XP with SP1 or SP2
-Vista

Microsoft does not think that the flaw is significant because of the reason that remote attackers cannot exploit the flaw.

For more info, read the blog from Microsoft’s security response here