The problem specifically exists because SYSTEM privileges are not dropped when accessing the GSC properties from the System Tray applet. The vulnerability can be exploited by right-clicking the System Tray icon, choosing "Log", right click "Event Viewer", "Open Log File...". The opened file selected can be abused by navigating to C:\WINDOWS \SYSTEM32\, right-clicking cmd.exe, then selecting "Open"; doing so spawns a command shell with SYSTEM privileges.
Disclosure Timeline:
2006: Vulnerability found
2006.10.25: Vulnerability first reported to vendor
2009.02.17: Vulnerability reported to vendor again
2009.03.16: Request for status update
2009.04.21: Request for status update
2009.05.25: Public Release
