[ Thanks to George
Mitchell for this link. ]
“Newly discovered flaws in software used to transfer Internet
files could wreak havoc with the entire network if not patched
immediately, leading security analysts warned yesterday. Security
loopholes in the software [BIND] that directs most online traffic
could be exploited, allowing malicious hackers to redirect e-mail
and Web users to any Internet address they choose, warned the CERT
Coordination Center at Carnegie Mellon University in Pittsburgh,
and Covert Labs, a division of Santa Clara’s PGP Security.”
“A DNS server problem caused some of Microsoft’s Web sites to
become unavailable early last week. However, Microsoft spokesman
Adam Sohn said that the company’s recent Web problems had nothing
to do with the BIND-related loophole or any other security flaw. In
fact, Microsoft’s Web sites are among the minority on the Internet
that do not use BIND, Sohn said.”
“So far, no exploitations of the flaws have turned up, but
system administrators everywhere must race to install a fix
released by the software’s creator before hackers come up with ways
to take advantage of the weaknesses, CERT said during a press
conference this morning. A new, safe version of BIND can be
downloaded from the Web site of the Internet Software Consortium
(www.isc.org/products/BIND), which developed the program.”