A bug recently found in the software used by most DNS (Domain Name System) servers has been called the worst security threat to the Internet ever found. The vulnerability present in versions 4 and 8 of BIND (Berkeley Internet Name Domain) would let a hacker to redirect Web traffic and e-mail. This ability could be used to capture user names and passwords sent to a site as well as simply blocking access.
The Computer Vulnerability Emergency Response Team at PGP Security, the bug’s discoverer, and the Internet Software Consortium (ISC), the distributor of BIND, and Carnegie-Mellon University’s Computer Emergency Response Team (CERT) Coordination Center have provided an updated version of the DNS software. By announcing the flaw, they have made it known to programmers who are capable of quickly exploiting the weakness so ISC is “recommending” that users upgrade.