The Internet Storm Center (ISC), which is operated by SANS, is receiving preliminary reports that hackers are targeting Microsoft's WINS service on Windows NT, 2000 and 2003 servers.

WINS is a central mapping of host names to network addresses and lets users find computers on a network.

Last week, Microsoft issued patch to close the WINS vulnerability, which could allow remote attackers to write to arbitrary memory locations and possibly execute arbitrary code via a modified memory pointer in a Windows replications packet sent to TCP Port 42.

Data collected by the ISC shows that over the past few days Internet activity associated with Port 42 has risen dramatically.MS09-039 was issued on Aug. 11 when ISC was reporting roughly zero targets per day in association with Port 42 activity. By Aug. 13 that number had spiked to around 30,000, and by Aug. 16 the number was 70,000.