DNS servers crashing as internet hit by unidentified vulnerability

A spate of DNS server crashes over the past couple of days is being blamed on a zero-day vulnerability that is being exploited by someone launching a series of DOS (denial of service) attacks. And so far the flaw – which allegedly affects the commonly-used BIND 9 DNS servers – has not been identified.

The Internet Systems Consortium (ISC) has issued an advisory about the problem and has released a patch to deal with the problem while the root problem is uncovered. Users of BIND 9 are being encouraged to update as soon as possible to ensure that this temporary fix is at least available for their services.

The patches don’t seem to fix the actual vulnerability, instead patching the specific error that causes the systems to crash. The flaw is said to affect BIND 9.4-ESV, 9.6-ESV, 9.7.x, and 9.8.x, but there’s no word so far as to which sites have been affected. More information on the flaw is expected to be revealed later today.


About Sarah Bosdiccia

Sarah Bosdiccia is a writer, journalist, blogger and editorial assistant. In the past, she has worked in the local newspaper business and has taught journalism modules at undergraduate level. She doesn't 'do' Facebook but you can follow her at @sarah_bosdiccia.


No comments yet.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: