The flaw could allow a cybercriminal to execute arbitrary code with the same SYSTEM privileges as the DNS Service by sending a designed request to a vulnerable system.
The software giant’s Software Security Incident Response Process is already investigating the incident and it says has experienced “very limited attacks” so far.
"On Windows 2000 Server and Windows Server 2003 running the DNS Server Service an anonymous attacker could try to exploit the vulnerability by sending a specially crafted RPC packet to an affected system," said Microsoft in an advisory.
DNS is a server service that translates IP addresses into domain names.
Microsoft urges Windows Server users to disable remote management over RPC capability for DNS Servers through the registry key setting.
Microsoft confirms DNS attacks
By Fiona Raisbeck on Apr 16, 2007 9:30AM