Severity Rating: Important - Revision Note: V1.9 (March 18, 2009): Corrected product instance names from "ADMT" and "ADS" to "MS_ADMT" and "MicrosoftADS", respectively. These are instance names referenced in the Security Update Deployment section for the Microsoft SQL Server 2000 Desktop Engine (WMSDE). This is an informational change only that does not affect the files contained in the update. Customers who have successfully updated their systems do not need to reinstall this update.Summary: This security update resolves four privately disclosed vulnerabilities. The more serious of the vulnerabilities could allow an attacker to run code and to take complete control of an affected system. An authenticated attacker could then install programs; view, change, or delete data; or create new accounts with full administrative rights.

Read more at: http://www.microsoft.com/technet/security/bulletin/MS08-040.mspx?pubDate=2009-03-18