Security Labs



DNS cache poisoning attacks spotted in the wild


Threat Type: Malicious Web Site / Malicious Code

This is an update to our previous alert on the DNS cache poisoning attacks.

The previously embargoed details of a critical DNS cache poisoning flaw have been correctly deduced, and are now public. In a webinar held just yesterday, Dan Kaminsky, the security researcher who discovered this flaw, confirmed that the vulnerability has been leaked.

More code to exploit this flaw has surfaced since our previous alert on this topic, and attacks have been spotted in the wild.

Major ISPs, including AT&T, Time Warner, and Bell Canada, have yet to respond to this threat, leaving millions of subscribers at risk. Microsoft has issued a formal security advisory; Apple, whose Mac OS X servers are susceptible, has yet to issue a statement.

Websense® Security Labs™ strongly recommends that customers running their own DNS servers patch immediately. Customers who rely on an upstream DNS provider are urged to contact their provider to confirm that this issue has been addressed properly.