A vulnerability recently discovered in the software used in most DNS (Domain Name System) servers may be the most serious security threat yet found on the Internet, allowing hackers effectively to shut down ISPs and corporate Web servers as well as steal confidential data.
The flaw in two widely used versions of BIND (Berkeley Internet Name Domain), distributed free by the Internet Software Consortium (ISC), could be exploited immediately by unscrupulous programmers if they can write a program to take advantage of it, said Jim Magdych, security research manager at the Computer Vulnerability Emergency Response Team (Covert) at PGP Security, a Network Associates business. Developing this might take only a few days, he said.
Covert and ISC, along with Carnegie-Mellon University's Computer Emergency Response Team (CERT) Coordination Center, will announce on Monday a fix for the vulnerability, and plan by that time to have the impact on the Internet at large," Magdych said.
The link for this article located at CNN is no longer available.
