« WiiChuck control of 3D Studio Max
Mindset Six50 solar electric concept is light, green, and a bit homely »

Massive, Coordinated Patch To the DNS Released

tkrabec alerts us to a CERT advisory announcing a massive, multi-vendor DNS patch released today. Early this year, researcher Dan Kaminsky discovered a basic flaw in the DNS that could allow attackers easily to compromise any name server; it also affects clients. Kaminsky has been working in secret with a large group of vendors on a coordinated patch. Eighty-one vendors are listed in the CERT advisory (DOC). Here is the executive overview (PDF) to the CERT advisory — text reproduced at the link above. There’s a podcast interview with Dan Kaminsky too. His site has a DNS checker tool on the top page. “The issue is extremely serious, and all name servers should be patched as soon as possible. Updates are also being released for a variety of other platforms since this is a problem with the DNS protocol itself, not a specific implementation. The good news is this is a really strange situation where the fix does not immediate reveal the vulnerability and reverse engineering isn’t directly possible.”

Read more of this story at Slashdot.

Original post by kdawson

This entry was posted on Tuesday, July 8th, 2008 at 2:12 pm and is filed under security. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

Leave a Reply

You must be logged in to post a comment.

Developages - Development and Technology Blog

Entries (RSS) and Comments (RSS and Subscribe to Developages by Email.