This was a nice finding by Tavis. A lot of the BIOS code and interfaces with it are overdue to be thrown out or audited. NT had a lot of subsystems (VDM, POSIX, OS/2?) that have moldered through MSFT's 2004 change in secure development awareness.<p>This bug appears to only be useful for privilege escalation (ring3 -> ring0), so worry about rootkits or if you run Windows terminal services.