Windows security hole discovered after 17 (!) years

Another Windows security hole has surfaced:

A flaw in the Virtual DOS Machine (needed for 16 bit applications) could allow an attacker to gain administrative privileges.

This flaw already existed in Windows NT 3.1 and is still present in Windows 7 (32 bit). So all 32bit versions of Windows are vulnerable.

Not affected are 64bit flavours of Windows since these don’t support 16bit stuff at all.