Over the past week, there are have been numerous calls from all over the technology industry to update your Domain Name System (DNS) software on numerous platforms.
Computerworld was one of many publications that ran a serious of articles on this topic such as:
Microsoft confirms WSUS patch problem - "Microsoft Corp. yesterday acknowledged that it may have to re-release a recent fix for a flaw that stymied some users' ability to grab security patches through Windows Server Update Services (WSUS)."
DNS researcher convinces skeptics that bug is serious - "Once-skeptical security researchers now agree that the critical bug in the Internet's Domain Name System (DNS) protocol is the real deal."
Back on July 8, SC Magazine described how multiple vendors worked together to cooperate and solve a major industry problem. Here's an excerpt:
"A massive domain name system (DNS) design vulnerability that could permit cache poisoning - effectively allowing an attacker to direct users to the website of his choosing - is set to be fixed by an unprecedented synchronized series of multivendor patches."
So what are governments doing? Many are quickly rolling out the required patches to critical DNS servers using emergency procedures. In Michigan, we issued orders to implement our fast-track patching process to get DNS servers updated over the weekend.
We are rolling out desktop patches using our normal patch distribution process. After the US-CERT, MS-ISAC and others sent out alerts, we have also send the word out to our local partners to make this a high priority to get resolved now.
If you haven't rolled out these patches yet, this should be an urgent matter for this week's calendar. Make sure that every system in your enterprise can handle this flaw, otherwise, customers may end up going to the wrong websites.
Computerworld was one of many publications that ran a serious of articles on this topic such as:
Microsoft confirms WSUS patch problem - "Microsoft Corp. yesterday acknowledged that it may have to re-release a recent fix for a flaw that stymied some users' ability to grab security patches through Windows Server Update Services (WSUS)."
DNS researcher convinces skeptics that bug is serious - "Once-skeptical security researchers now agree that the critical bug in the Internet's Domain Name System (DNS) protocol is the real deal."
Back on July 8, SC Magazine described how multiple vendors worked together to cooperate and solve a major industry problem. Here's an excerpt:
"A massive domain name system (DNS) design vulnerability that could permit cache poisoning - effectively allowing an attacker to direct users to the website of his choosing - is set to be fixed by an unprecedented synchronized series of multivendor patches."
So what are governments doing? Many are quickly rolling out the required patches to critical DNS servers using emergency procedures. In Michigan, we issued orders to implement our fast-track patching process to get DNS servers updated over the weekend.
We are rolling out desktop patches using our normal patch distribution process. After the US-CERT, MS-ISAC and others sent out alerts, we have also send the word out to our local partners to make this a high priority to get resolved now.
If you haven't rolled out these patches yet, this should be an urgent matter for this week's calendar. Make sure that every system in your enterprise can handle this flaw, otherwise, customers may end up going to the wrong websites.
Leave a comment