informa
/
Risk
Commentary

DNS Exploit Code Released

Security experts have warned Internet users to check their DNS connection for security and patch their DNS resolvers immediately.Details about the recently discovered vulnerability in the DNS system -- the system that translates domain names, such as bMighty.com, into numeric IP addresses -- were mistakenly posted on a blog. "Attackers could use these details to construct exploit code. Users are encouraged to patch vulnerable systems immediately," according to a warning from the United States Computer Emergency Readiness Team. Equally alarmed was Trend Micro security researcher Paul Ferguson, who wrote in the company's blog, "This is a very serious situation, and can possibly lead to widespread and targeted attacks which hijack sensitive information by redirecting legitimate traffic to fraudulent Web sites."

Individual users can test the vulnerability of the DNS servers they use here or here. System administrators should seek patches from their vendors.InformationWeek, CNET News

Recommended Reading:
Editors' Choice
Kirsten Powell, Senior Manager for Security & Risk Management at Adobe
Joshua Goldfarb, Director of Product Management at F5