First published: 30th July 2009
System administrators have been urged to update their BIND (Berkeley Internet Name Domain Server) installations because of a vulnerability that can allow an attacker to crash master servers by submitting a malformed update message. Slave servers are not vulnerable. BIND is the most common DNS software on the internet. The newly-released versions, 9.4.3-P3, 9.5.1-P3 or 9.6.1-P1, which defend against the flaw are available from the Internet Systems Consortium, the developers of BIND.
Exploits are already in circulation.