Technical Information

Brief overview of the risk:
A remote code execution vulnerability exists in implementations of Active Directory on Microsoft Windows 2000 Server. The vulnerability is due to incorrect memory allocation when receiving specially crafted LDAP or LDAPS requests.
Detailed Information on the risk:
This security update resolves a privately reported vulnerability in implementations of Active Directory on Microsoft Windows 2000 Server. The vulnerability could allow remote code execution if an attacker gains access to an affected network. Further information on this exploit is available at : MS08-060