Microsoft is investigating a security hole in Windows server software that could allow an attacker to gain complete control over systems.

The flaw lies in the Windows Internet Name Service (WINS), a network infrastructure component in Windows NT Server 4.0, Windows 2000 Server and Windows Server 2003. WINS provides a distributed database for registering and querying dynamic computer name-to-IP address mapping.

Windows 2000 Professional, Windows XP and Windows Millennium Edition also contain WINS but are not affected by this security issue, Microsoft said.

By default, WINS is installed only on the Small Business Server editions of Windows 2000 Server and Windows Server 2003, according to Microsoft. However, in both cases WINS is available only on the local network and not from the Internet, the vendor said in an article on its website.

Microsoft said it will offer a patch as part of its monthly update cycle. Meanwhile, it advises users to protect their systems by blocking TCP port 42 and UDP port 42 on their firewall, removing WINS if it is not needed or using IPSec to protect traffic between WINS servers.

Details of the WINS flaw were first published last Friday on the BugTraq mailing list by security company Immunity. More information on the flaw and Microsoft's temporary fix can be found at