activeco - 11:13 am on Feb 16, 2008 (gmt 0)

...could be carried out by a simple piece of code implanted via a malicious website or email attachment, the study said.

The code would change a file in the Windows Registry settings, telling the PC to use the malicious server for all DNS information.

I can't see any "loophole in the the Domain Name System ".
Were those "researchers" serious? There are hundreds of ways for a virus to take control of users' pc's.
It looks more like hacker wannabies inventing the wheel.
What will they conclude next? A "loophole" in the HOSTS file?