It's nearly 2016, and Windows DNS servers can be pwned remotely

http://www.theregister.co.uk/2015/12/08/patch_tuesday_december2015/