MS11-080 – CVE-2011-2005

A great little Python script that escalates privileges and results in a SYSYEM shell. It works on Windows XP SP3 and Windows 2003 SP2.  Running the script as a standard non admin user will escalate privileges to compromise the system via Afd.sys.

It does require Python installed on the victims system which is a little bit annoying, but I am sure at some point the exploit will become an .exe :)

Microsoft Article: