ISC is urging BIND users to upgrade their production DNS servers immediately. ISC recently announced a patch to fix an exploit in BIND. This exploit is in the wild and has been used to crash BIND servers resulting in a denial of service. Using a specially crafted dynamic update packet, a remote attacker can create an assertion failure resulting in the BIND named daemon exiting. This exploit is only possible against servers that are masters for one or more zones, but doesn't require dynamic updates to be allowed in order to cause the crash.

ISC has made patches available for BIND versions 9.4, 9.5, and 9.6.