I have trouble understanding what you want to say but I did not say what you quoted me with. Please don't put words in my mouth.
The title was giving people the wrong impression about the severity of the vulnerability. This has nothing to do with "avoid giving people ideas" which would be stupid anyways.
IIS has several components. One of them, the vulnerable part here, is running in kernel space. In kernel space you have access to everything.
As far as I know, IIS is the only(bar embedded devices running a single address space OS and various ancient/obsolete toys servers on linux) used in production that handles part of HTTP in kernel space (or ring 0 if you will).
Sure. I read est as saying that Administrators are more restricted in Server 2008 than they were in earlier Windows versions. I assumed they were talking about the relatively well known technique of scheduling a cmd shell to run as SYSTEM, which that blog mentions being prevented in Server 2008.
But you would still expect an Administrator account to be able to load files onto the system, so obtaining the SYSTEM shell remains pretty easy.
The distinction between SYSTEM and Administrator was a convenience, and if I understood est correctly, it still is.
