A security researcher Tuesday revealed a flaw that makes it possible for hackers to take control of the Internet.

The flaw is in the design of the Internet's Domain Name System(DNS), a fundamental feature of the Internet that makes it possible for computers to find Web sites.

Details of how the flaw works were not revealed, but it allows Internet users to be redirected anywhere an attacker chooses, said Dan Kaminsky, the director of penetration testing for IOActive, who discovered the flaw by accident six months ago.

According to a bulletin from the U.S. Computer Emergency Readiness Team (US-CERT), the vulnerability (VU#800113) could allow cache poisoning and misdirection of Web requests, sending users to unknown Web sites.

Web poisoning exploits are well-known, but because the new vulnerability lies in the basic design of the protocol, it is potentially more dangerous than previous problems. If the vulnerability is exploited, “you would have the Internet, but it wouldn’t be the Internet you expect,” Kaminsky said.

A group of 16 security researchers met on Microsoft’s campus in March to coordinate a response.

Major vendors of Domain Name System (DNS) servers are making an unprecedented coordinated release of patches.

By withholding details and using a patch that does not directly fix the vulnerability, the researchers hope to make it as difficult as possible for hackers to find the vulnerability.