The flaw, if exploited, would allow an attacker to execute programs and commands with full System user rights. In Windows, the System user is even more powerful than the Administrator.
Microsoft was informed of this flaw on June 12, 2009. No patch has been issued.
Edited by Amazing Andrew, 21 January 2010 - 10:58 PM.