Windows Vista isolates services in Session 0 and runs programs in other sessions. Therefore, services are protected from attacks that originate in program code. In Microsoft Windows Server 2003 and earlier versions of Windows, all services run in Session 0 together with programs. This behavior can pose a security risk because services run with elevated permissions. Therefore, these services are targets for malicious agents who are looking for a way to elevate their permissions.
For more information about how Session 0 isolation affects services and drivers, visit the following Microsoft Web page: