RPC Vulnerabilities on a Default Windows XP Box

the vulnerability behind MS08-067 has been generating alot of noise on the wire lately. This vulnerability could allow remote code execution through RPC and does not require authentication. One thing that many people are not mentioning is that a default XP/SP2 install is not vulnerable because the service is protected by the firewall. The attack vector just isn't available thanks to that one improvement Microsoft made many years ago. Here is the Vulnerable Function, the POC and the Security Bulletin.