The Domain Name Server design flaw that threatened the entire Internet earlier this year has mostly been patched, but the threat is far from over, experts say. The DNS flaw, which was discovered by IOActive researcher Dan Kaminsky in the first half of this year and resulted in the largest simultaneous security software patch in Internet history in July, was fully disclosed last month.
The flaw makes it possible for attackers to exploit the recursive nature of DNS server queries to “hijack” TCP/IP sessions and potentially redirect large segments of Internet traffic to unintended destinations. Threat From DNS Bug Isn’t Over, Experts Say – Desktop Security News Analysis – Dark Reading
From around the Web
- Gmail to drop IE6 support this year
- Older IE Versions Maintain Sizable Market Share Despite Security Concerns
- Google Chrome 4 Bolsters Browser Security with New Features
- 10 Reasons Why Microsoft Should Have Discussed Security At CES
- How three vendors screwed up USB stick security
- 94 more secret Windows shortcuts
- Facebook CEO: Privacy Not the Social Norm
- More flash drive firms warn of security flaw; NIST investigates
- The ultimate God Mode list: 39 secret Windows 7 shortcuts
- Microsoft, Adobe prep critical security patches
- Mozilla fixes upgrade flaw in Firefox
- Chrome grabs market share from IE and Firefox, passes Safari
- Facebook enhances privacy settings
- Windows 7 tricks: 20 top tips and tweaks
- The ABCs of securing your Windows netbook