Critical internet fault patched

DNS flaw could have brought web to its knees

A security flaw in the way computers looks up web addresses could have brought the internet to its knees, according to researchers, who have worked with major companies to patch the problem.

A DNS flaw involving the way in which someone could effectively re-route a request for a webpage to a malware 'trap' site was spotted by IOActive's Dan Kaminsky – who took the problem to major players like Microsoft, Sun and Cisco.

The companies collaborated on a solution and the latest software updates should patch the problem, according to the US Computer Emergency Readiness Team.

Cache poisoning

"An attacker with the ability to conduct a successful cache poisoning attack can cause a nameserver's clients to contact the incorrect, and possibly malicious, hosts for particular services," CERT said.

"Consequently, web traffic, email, and other important network data can be redirected to systems under the attacker's control."

Kaminsky told AFP that the problem was on a scale not seen in the past.

"People should be concerned but they should not be panicking," Kaminsky said. "We have bought you as much time as possible to test and apply the patch. Something of this scale has not happened before."

ABOUT THE AUTHOR

Global Editor-in-Chief

Patrick (Twitter) is Global Editor-in-Chief for techradar, and has been with the site since its launch in 2008. He is a longstanding judge of the T3 Awards, been quoted or seen on everything from the The Sun to Sky News and is on the #CoolBrands Council. He started his career in football, making him one of approximately one journalists to have covered both a World Cup final and an iPhone launch.