Security researcher Dan Kaminsky made headlines last year when he discovered a critical DNS flaw. If left unpatched it could have crippled vast parts of the Internet. As 2009 starts up, a new DNS (define) flaw has emerged, but the severity of the threat is less pronounced.
ISC (Internet Systems Consortium) the group leading development of the open source BIND DNS server that dominates the Internet, quietly issued a patch to multiple versions of BIND this week.
The flaw affects elements of DNSSEC (define), which are extensions used to add an additional layer of security to the Domain Name System. DNSSEC protocols are what the ISC and other security experts identified as the long term solution to the Kaminsky flaw.