A vulnerability in the PhoneBook service (a Windows NT and Windows 2000 add on component) enables attackers to execute arbitrary code on Windows servers.