No doubt you’ve heard about this “new vulnerability” that can “bring the Internet down”. The real scoop is in US-CERT’s TA04-111A. Well, first, it’s not a new vulnerability, it’s an exploit of an old one that was published back in 2001. Next, the chances of any of the major hubs NOT addressing this issue is almost nil.
So, what’s the deal? I dunno, a slow newsday and the hounds were looking for anything that’d move product, I guess. I’m not saying it’s an inconsequential flaw, just that it doesn’t foretell the end of the world or anything like that.