An unchecked buffer exists in the Still Image Service' on Windows 2000 hosts. A locally logged-on user can execute malicious code that will use the still image service to escalate their permissions equal to that of the Still Image Service, namely, LocalSystem. The Still Image Service is not installed by default, but is automatically installed, via plug-n-play, when a user attaches a still image device (i.e. digital camera, scanner, etc.) to a Windows 2000 host. This patch corrects the problem.