The DNS bug was the result of a bad hotfix, quite a long time ago. A fix was released within 24 hours, but the reputational damage was done, and the "fix" that most people implemented was to use their ISP's DNS servers in their forwarders list.

Even worse, I've seen IT staff deploy public DNS servers through their DHCP. Sometimes they include this in addition to their internal servers and sometimes instead. I know one IT guy who uses his old ISP's DNS servers at half a dozen or so remote sites of a company he supports and wondered why A) he could not join workstations to AD, and B) he had to point to their RDS servers by IP. Just last month, a developer suggested that Google's DNS (8.8.8.8) be added to the internal network. They get DHCP from their firewall, and made a request to the ISP to add this to the DNS server list. Anyone want to guess how long it took to lose connection with AD? Or who they called, hopping mad, when "AD Infrastructure Failed"? :D

If I recall, this bad patch was shortly after Server 2003 was released, so about 11 years ago, and affected NT, Win2K, and Win2K3 platforms. This is a long time to hold a grudge. ;) I've successfully used Windows DNS without forwarders since first publishing an article on NT Network Basics back in 1997-98.

Glenn
_________________________
Actually I am a Rocket Scientist! :D