Microsoft Security Advisory (956187) has been released:
A third exploit just was released on milw0rm as well.
Microsoft released Microsoft Security Bulletin MS08-037 on July 8, 2008, offering security updates to protect customers against Windows Domain Name System (DNS) spoofing attacks. Microsoft released this update in coordination with other DNS vendors who were also similarly impacted. Since the coordinated release of these updates, the threat to DNS systems has increased due to a greater public understanding of the attacks, as well as detailed exploit code being published on the Internet.
Microsoft is not currently aware of active attacks utilizing this exploit code or of customer impact at this time. However, attacks are likely imminent due to the publicly posted proof of concept and Microsoft is actively monitoring this situation to keep customers informed and to provide customer guidance as necessary.
Microsoft’s investigation of this exploit code has verified that it does not affect Microsoft customers who have installed the updates detailed in Microsoft Security Bulletin MS08-037. Microsoft continues to recommend that customers apply the updates to the affected products by enabling the Automatic Updates feature in Windows.
Microsoft has identified known issues with the updates offered in Microsoft Security Bulletin MS08-037. For more information about known installation issues, see Frequently Asked Questions (FAQ) Related to This Security Update in Microsoft Security Bulletin MS08-037, and Known issues with this security update in Microsoft Knowledge Base Article 953230.
- Govcert.NL publishes "The Kaminsky Code" Factsheet
- Short Review of Blackhat DNS Webinar with Dan Kaminsky
- Metasploit releases DNS cache poisoning exploit (part 2)
- Metasploit releases DNS cache poisoning exploit (part 1)
- NOW is the time to patch those unpatched DNS servers. Details have leaked. (updated)
- Dan Kaminsky Blackhat Webcast on the DNS vulnerability on the 24th of July (updated)
- More on the DNS vulnerability
- Warning: details multi vendor DNS cache poisening flaws released (updated)