Microsoft just released a patch to address the License Logging Server Heap Overflow Vulnerability (CVE-2009-2523). This vulnerability affects the License Logging Service (LLS), a feature which according to Microsoft is "designed to help customers manage licenses for Microsoft server products that are licensed in the Server Client Access License (CAL) model."
This vulnerability only affects Microsoft Windows 2000 Server Service Pack 4 and is rated Critical since this service is enabled by default in that OS. It is also accessible via anonymous network connection and exploiting this vulnerability can lead to extensive heap memory corruption which could possibly lead to remote code execution. It no longer affects the newer MS Server systems since this service has already been removed since Windows Server 2008.
More details of this patch are at these locations:
