On all releases of Windows XP, when you replace or change the
screensaver displayed on the login screen with a specially
crafted version designed to execute programs, those programs
are launched under the SYSTEM SID, i.e. they are automatically
given the highest access level available on Windows.
This level is not accessible even to administrators.
This flaw is important because, while one would need Power
User privileges or above to change the login screensaver, by
default any user, with the exception of Guest, can replace the
login screensaver file with a modified version. In theory,
any determined user could execute ANYTHING with SYSTEM
privileges. A similar flaw exists in Win2K, but Microsoft
has ignored it.
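
One way to audit the file-permission condition described above, as an added example that is not part of the original advisory: it parses a `cacls`-style permission listing for the login screensaver file and flags every principal other than SYSTEM or Administrators that is able to overwrite it. The path `C:\WINDOWS\system32\logon.scr`, the sample listing (constructed for illustration) and the trusted-principal set are assumptions.

```python
import re

# Rights letters as printed by cacls: N(one), R(ead), W(rite), C(hange), F(ull).
WRITE_RIGHTS = {"W", "C", "F"}
# Assumption: only these principals should be able to modify the file.
TRUSTED = {"NT AUTHORITY\\SYSTEM", "BUILTIN\\Administrators"}

# "<principal>:<optional (OI)(CI)(IO) inheritance flags><right letter>"
ACE_RE = re.compile(r"^(?P<who>[^:]+):(?:\([A-Z]+\))*(?P<right>[NRWCF])$")

def parse_cacls(output, path):
    """Return [(principal, right)] from a cacls listing for `path`."""
    aces = []
    for line in output.splitlines():
        line = line.strip()
        if line.lower().startswith(path.lower()):
            line = line[len(path):].strip()  # first line also carries the file name
        m = ACE_RE.match(line)
        if m:
            aces.append((m.group("who").strip(), m.group("right")))
    return aces

def risky_aces(aces, trusted=TRUSTED):
    """Entries that let a non-trusted principal replace the file."""
    return [(who, right) for who, right in aces
            if right in WRITE_RIGHTS and who not in trusted]

# Constructed sample, not captured from a real system.
SAMPLE_PATH = r"C:\WINDOWS\system32\logon.scr"
SAMPLE = r"""C:\WINDOWS\system32\logon.scr BUILTIN\Users:C
                              BUILTIN\Power Users:C
                              BUILTIN\Administrators:F
                              NT AUTHORITY\SYSTEM:F
                              BUILTIN\Guests:R
"""

if __name__ == "__main__":
    findings = risky_aces(parse_cacls(SAMPLE, SAMPLE_PATH))
    for who, right in findings:
        print(f"{SAMPLE_PATH}: {who} holds '{right}' and can replace the file")
    if not findings:
        print(f"{SAMPLE_PATH}: only trusted principals can modify the file")
```

Any finding means an account outside the trusted set can swap the file that is run as SYSTEM on the login screen; removing that write access from the file closes the path described above.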