It has come to light that many DNS poisoning attacks are happening against companies that are relying on older versions of Symantec security applications. The result is that end users are being directed to malicious websites, and that's not good for business at all.
Symantec have stepped in with a solution. They are urging users who have older versions of their Gateway Security Appliance or Enterprise Firewall to download a software update it has released to block the DNS attacks. This 'anti-poison' software patch should stop these attacks in their tracks.
Under the attacks hackers take advantage of vulnerabilities in the DNS server configuration to direct users on legitimate web searches to websites that can spread malware onto corporate desktops, such as viruses, adware and spyware.
The exploit directs users to a different Web IP address even though the correct domain has been typed in.
The DNS attacks have also been reported by the SANS Institute's Internet Storm Centre (ISC).