Windows DNS Risk

Over the weekend, more than four exploits for a vulnerability in the Windows domain name system (DNS) service were published, increasing the chances of a widespread attack; exploits may aid cyber-criminals in creating malicious code to compromise systems through the vulnerability.

Microsofts April 12 Security Advisory warned of a "limited attack" exploiting a yet-to-be-patched security flaw in the Windows DNS service in Windows 2000 Server and Windows Server 2003.

Microsoft says the vulnerability in RPC, or remote procedure call, on Windows DNS Server could allow attackers to run unauthorized code on affected computers. The vulnerability affects the DNS RPC interface, a protocol used by applications to send requests over a network. Following the advisory, Microsoft confirmed that it uncovered targeted attacks exploiting the vulnerability. 

CNET has the full scoop.