This article is from the source 'bbc' and was first published or seen on . It will not be checked again for changes.

You can find the current article at its original source at http://news.bbc.co.uk/go/rss/-/1/hi/technology/7496735.stm

The article has changed 8 times. There is an RSS feed of changes available.

Version 3 Version 4
Internet security breach tackled Fix found for net security flaw
(21 minutes later)
Computer experts have released software to tackle a major security glitch in the internet addressing system. Computer experts have released software to tackle a security glitch in the internet's addressing system.
The flaw, discovered by accident, would allow criminals to redirect users to fake webpages, even if they typed the correct address into a browser.The flaw, discovered by accident, would allow criminals to redirect users to fake webpages, even if they typed the correct address into a browser.
Internet giants like Microsoft are now distributing the security patch. Internet giants such as Microsoft are now distributing the security patch.
Security expert Dan Kaminsky said that the case was unprecedented, but added: "People should be concerned but they should not be panicking."Security expert Dan Kaminsky said that the case was unprecedented, but added: "People should be concerned but they should not be panicking."
He discovered the error in the Domain Name System (DNS) about six months ago. "We have bought you as much time as possible to test and apply the patch," he said. "Something of this scale has not happened before."
Mr Kaminsky discovered the error in the workings of the Domain Name System (DNS) about six months ago.
DNS is used to convert web addresses written in words - such as www.bbc.com - into the numerical sequences used by computers to route internet traffic around the world.DNS is used to convert web addresses written in words - such as www.bbc.com - into the numerical sequences used by computers to route internet traffic around the world.
The glitch would make it simple to operate "phishing" scams, in which users are directed to fake webpages supposedly for genuine banks or businesses and tricked into disclosing credit card details or other personal data. The flaw revolves around the way that the servers that translate words into numbers handle the requests they get.
Mr Kaminsky held talks with computer giants such as Microsoft, Sun and Cisco in March, and has been part of a team engaged in secret research since then, developing the security patch which has now been released simultaneously for all computer platforms. Unresolved the flaw would make it simple to operate "phishing" scams, in which users are directed to fake webpages supposedly for genuine banks or businesses and are tricked into disclosing credit card details or other personal data.
Technical details are being kept secret for another month to give companies a chance to update their computers, before hackers try to unpick the patch. Mr Kaminsky talked to Microsoft, Sun and Cisco and many others in March and has been part of a team engaged in secret research since then to develop the security patch which has now been released simultaneously.
Personal computers should pick up the patch through automated updates. "This hasn't been done before and it is a massive undertaking," said Mr Kaminsky said.
Despite the scale of the operation few are expected to see any disruption to their web experience as the patch is applied. It is not thought that the flaw had been exploited prior to its discovery.
Technical details are being kept secret for another month to give companies a chance to update their computers, before malicious hackers try to unpick the patch.
Personal computers should pick up the patch through automated updates. Microsoft released its patch on 8 July as part of its regular security updates.