Windows Denial of Service via RPC vulnerability
The Sans Institute is reporting on a vulnerability in Windows 2000 and XP SP1 (sp2 and 2003 not affected), that “could allow an attacker to levy a denial of service attack of limited duration”. It appears that valid login credentials are necessary for this. There is no patch yet, the best solution at this point is to firewall off services that are not necessary.