A flaw in the way the Net functions has sparked the “largest security update” ever, and fears that millions of people remain exposed to criminals and malicious hackers, say reports.
“Microsoft was among net companies yesterday which announced action to close the loophole that has potentially affected every site on the web,” says the Guardian, going on:
The bug was spotted this year by Dan Kaminsky, a director at the American security specialist IOActive, who immediately contacted big technology firms to alert them to the problem.
The scam involved hijacking internet addresses and sending surfers to websites other than those they intended to see. By this route criminals stood the chance of tricking victims into handing over personal details or making payments to the wrong people.
In late March Kaminsky grouped together 16 companies that make DNS software, “and talked them into fixing the problem and jointly releasing patches for it,” says PC World.
“But some of Kaminsky’s peers were unimpressed,” it says.
“That’s because he violated one of the cardinal rules of disclosure: publicizing a flaw without providing the technical details to verify his finding.”
But yesterday he went even further, asking hackers to avoid researching the problem until next month, when he plans to release more information about it at the Black Hat security conference,’ says the story,
There’s no evidence of the bug being exploited by hackers, says the Guaridan, but the news, “drew an unprecedented response from the technology industry” a.”.
“This is the largest synchronised security update in the history of the internet,” it has Kaminsky saying.
“The severity of this bug is shown by the number of those who are on board with patches.”
“We are seeing a massive multi-vendor patch for the entire addressing scheme for the internet - the kind of a flaw that would let someone trying to google.com be directed to wherever an attacker wanted,” stuff.co.nz quotes Jeff Moss, founder of annual Black Hat computer security conference, declaring.
“What Dan’s done is really significant for the entire stability of the internet.”
.
.
Continued here:
?Largest security update? ever
