The Symantec Security Response blog reports a new local escalation of privilege vulnerability for Windows XP and Windows Server 2003 (fully patched and with latest Service Packs applied). Apparently Microsoft is already aware of the issue. Some driver included by default seems to be the culprit.
