April 13, 2007 -- (WEB HOST INDUSTRY REVIEW) -- Software giant Microsoft (microsoft.com) confirmed on Friday that it has "very limited, targeted attacks" against its Windows Server DNS service. The attackers are trying to exploit a vulnerability in the DNS Service that may allow for arbitrary code execution to run with the same privileges as the DNS service itself.

"On Windows 2000 Server and Windows Server 2003 running the DNS Server Service an anonymous attacker could try to exploit the vulnerability by sending a specially crafted RPC packet to an affected system," Microsoft said in a security advisory.

Remote procedure call is a commonly used protocol that enables remote service requests across a network. To avoid any potential problems, Microsoft is suggesting that Windows Server users disable remote management over RPC capability for DNS Servers through the registry key setting. A Microsoft spokesperson said the company will continue to help protect customers by providing an update through its monthly process or out-of-cycle depending on customers' needs.

The DNS flaw warning comes during a surge of other security warnings and patches from Microsoft. Earlier this week, Microsoft alerted users through five security bulletins, four for the Windows operating system and one for its Content Management Server. The company also patched this month a significant animated cursor hole.

Copyright © 2007 Web Host Industry Review, Inc. All rights reserved.