Even with the latest patches, BIND is still vulnerable to DNS cache poisoning attacks. But so far it looks like this isn't nearly as bad as the previous cache poisoning situation.

Writing in his blog, Evgeniy Polyakov said that he needed "to send more than 130 thousand of requests for [bogus DNS records] to be able to match port and ID and insert poisoned entry for the poisoned_dns.blah.com."

The attempt took about 10 hours to accomplish. So what are the implications? Polyakov said "if you have [gigabit Ethernet] any Trojaned machine can poison your DNS during one night...."

Read more at Polyakov's site.