Microsoft has recently released a fix to address the token kidnapping privilege escalation vulnerability, which was discovered in March 2008. Microsoft released an advisory in April 2008 instructing users on how to protect themselves. At the time, Microsoft did not fix the root of the problem because it involved a low-level design flaw in Windows XP and Windows Server 2003 (the vulnerability did not exist in Windows Vista and Windows Server 2008).
However, with this month’s Patch Tuesday, Microsoft has released a fix that corrects the root cause of the token kidnapping bug. This was a major piece of work, and it was released outside of a Service Pack, the usual vehicle for fixes of this magnitude. The fix was so large that it involved hundreds of Microsoft programmers across several domain teams, and more than 600,000 test scenarios were run to ensure that existing applications would not be affected.
You can read more details on the vulnerability and the process Microsoft went through in resolving this issue here: http://blogs.technet.com/msrc/archive/2009/04/14/token-kidnapping.aspx