ANTenna Blog -- Security

The first attackware strategies based on the widespread DNS flaw announced earlier this month have been spotted. If you haven't patched yet, do it now, before it's too late. (Some say it's already too late.)

The Domain Name System (DNS) flaw announced -- but without specific details of its nature being given -- two weeks or so ago is so widespread, affecting products from more than eighty software and manufacturers, that a mass fix, accompanied by critical warnings about the vulnerability are now being superseded by critical warnings that the first DNS hole exploit approaches and attack strategies have been spotted.

Things were bad two weeks ago -- bMighty had the story here, the day after the flaw was announced -- and they're worse now. At least for anyone who hasn't patched: and for small and midsize businesses that may well mean outside vendors and service providers as well as internally maintained servers.

The DNS system routes urls -- i.e., bmighty.com etc. -- to the proper destination via the numerical address system the Internet rests upon.

By "poisoning" the DNS cache, crooks and hackers can redirect your traffic -- and your customers' -- to illegitimate sites, stealing information, setting you up for malware infection, and so on.

While the details of the DNS vulnerability were kept quiet by Dan Kaminsky, who discovered the hole, details emerged anyway, resulting in Kaminsky's minimalist, scary posting: "Patch. Today. Now."

Do it -- and make sure that your vendors, partners, service providers, customers and employees running servers do it too; before it's too late, unless it already is.

A list of affected systems is here (scroll down): if yours is on the list, check with your manufacturer, get the patch and install it now.

Now.