The DNS vulnerability reported by Dan Kaminsky is not only serious, but also imperative to be solved as soon as possible. But what happens when the patch that was supposed to solve the problem has a problem?

A new set of bad news comes from a Russian physicist, Evgeniy Polyakov, who demonstrated that the DNS patch is actually not as efficient as everyone expected, and that if fact, it can be exploited. He figured it out in just 10 hours, so imagine what hackers could do soon, if the problem isn't solved.

During the Black Hat Conference this week, Dan Kaminsky explained that “every network is at risk,” until they apply the patch. It appears now that the patch itself is not secure, and his predictions start to come true: the flaw is greater than it looks, and it is critical solving it before the bad guys figure out how to take over the Internet.

The current DNS system allows the exploitation of Internet addresses, making it possible for hackers to redirect web addresses as they wish, turning the online experience into an unsafe one.

Evgeniy Polyakov showed how two attacking servers linked via one GigE link, were able to send 40-50 thousand fake replies before remote server returned the correct one, making the probability of a successful poisoning of about 60 percent. “So, if you have a GigE lan, any trojaned machine can poison your DNS during one night,” the researcher concluded.

Almost half the Internet users have applied the patch, and over 70 percent of Forbes 500, but are they safe now? Unfortunately, the answer is no, attacks seem more imminent than ever, especially now that fixing the worst vulnerability in the history of Internet become more challenging than ever.