Jul 08 2008
If you’re using DNS, and we all are, prepare to patch every system you have. Not just your name servers, but any and all systems using DNS, which means virtually everything! This is a flaw discovered by Dan Kaminsky that affects the basic technology underlying DNS and effects all vendors. Dan took the road of responsible disclosure and worked with a large group of vendors to coordinate this patch. This may be one of the first successful examples of a large multivendor patch, and if ever there was a need for it, this is it.
Rich was able to get an interview in anticipation of today’s announcement and you can hear about it straight from Dan himself. There are not a lot of technical details concerning the vulnerability in the interview and every effort is being made to give us as much time to patch before reverse engineering gives the bad guys the secret sauce to make this a weaponized vulnerability.