This is a live alert (announced 27 July 2008 :15:32)

We have been monitoring a worrying situation over the past few weeks. The nature of the exact situation is fairly complex and I won't explain too deeply here, however it is sufficient to know that it involves a hole in DNS, which is the system that gives your computer the actual location of websites you type into your web browser address bar.

The upshot of the vulnerability is that anyone running a DNS server (and that probably means your internet service provider) needs to apply an update to that service or the service can be compromised. If the vulnerability is successfully exploited, all customers using DNS on that server could be sent to any arbitrary site on the web. For example: if you typed in say... www.hsbc.co.uk and your ISP had been compromised, the infected DNS server could send you to www.pleaseemptymybankaccount.com where you would see an exact replica of the HSBC login screen and you would be none-the-wiser.

So what do you do...? 

Firstly check with your ISP to ensure that their DNS servers have been updated. If they have then great, you are safe.

If they are not up to date or if you don't believe your ISP is telling you the truth, then you can decide to use a third party DNS provider like "Open DNS" (If you click on the link you will be taken to the Open DNS welcome Page). They will then handle your DNS traffic securely for you.

As always, if you are unsure about what to do or would like assistance, please don't hesitate to call us.

Regards,

Jason Bell

Director

PC Surgeon UK Ltd.

01380 816629