A security researcher has found a serious vulnerability in an aging yet widely used software program used for the Internet's addressing system, prompting the software's maintainers to retire the affected version.
The flaw within Berkeley Internet Name Domain 8 (Bind 8) software could misdirect users to a fraudulent Web site even if a user typed in the correct URL (uniform resource locator), wrote Amit Klein, chief technology officer for security vendor Trusteer Ltd. Klein discovered the problem.
Users are being advised to upgrade to Bind 9.4, the latest version of the software, which underwent an architecture rewrite to improve security. The software, maintained by the Internet Software Consortium (ISC), is free to download.
More Here