I would think if you get it done before the Black Hat meeting where the researcher is going to make public the details you should be fine. In one article it was mentioned that it was expected that several attempts to use this vulnerability would be made within a week of those details being made public. I don't know if that is true or not but there are enough examples of people using details of or reverse engineering of patches to make worm/Trojans/viruses that use the patched vulnerability to make that statement plausible.
Jon On Thu, Jul 10, 2008 at 3:21 AM, James Rankin <[EMAIL PROTECTED]> wrote: > I was wondering whether this was the sort of vulnerability that needed a > patch pushing through outside of the normal cycle, but having reviewed it as > much as possible I don't think it is. I think all the hype is centred around > the fact that it is a vulnerability affecting multiple implementations from > different providers, but that makes it more of an interesting anomaly than > anything else. We will be updating our DNS in the usual cycle. > > 2008/7/9 Michael Ross <[EMAIL PROTECTED]>: > > Its doesn't matter which type of DNS you're using. This is a vulnerability >> in the protocol itself, not in whose implementation of it you like or >> dislike. >> "Earlier this year, professional security research Dan Kaminsky discovered >> a >> major issue in how Internet addresses are managed (Domain Name System, or >> DNS). This issue was in the design of DNS and not limited to any single >> product." >> >> -----Original Message----- >> From: Jim McAtee [mailto:[EMAIL PROTECTED] >> Sent: Wednesday, July 09, 2008 12:22 PM >> To: NT System Admin Issues >> Subject: Re: DNS flaw plugged by vendors >> >> Out-of-band? He he. >> >> We've updated BIND. Of course, we don't use any Microsoft DNS servers for >> public facing DNS. >> >> >> ----- Original Message ----- >> From: "James Rankin" <[EMAIL PROTECTED]> >> To: "NT System Admin Issues" <[email protected]> >> Sent: Wednesday, July 09, 2008 1:30 AM >> Subject: DNS flaw plugged by vendors >> >> >> > >> >> http://securosis.com/2008/07/08/dan-kaminsky-discovers-fundamental-issue-in- >> dns-massive-multivendor-patch-released/ >> > >> > Is anyone taking any remedial action about this out-of-band? It seems to >> > be >> > presented as quite threatening... >> > ~ >> >> >> ~ Upgrade to Next Generation Antispam/Antivirus with Ninja! ~ >> ~ <http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm> ~ >> >> >> >> ~ Upgrade to Next Generation Antispam/Antivirus with Ninja! ~ >> ~ <http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm> ~ >> > > ~ Upgrade to Next Generation Antispam/Antivirus with Ninja! ~ ~ <http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm> ~
