What do I do if I'm vulnerable?
Patches are out, but as Kaminsky has said, this is really a problem for ISP (Internet Service Providers) and companies -- which maintain DNS servers -- to fix, rather than an end-user issue.
But that doesn't mean there's nothing for you to do.
If the testing tools show that you're vulnerable, you should contact your ISP or network administrator to ask what they're doing to plug the hole.
You should also apply any client-side patches that have been released. Microsoft, for instance, rolled out fixes on July 8 for Windows 2000, XP, Server 2003 and Server 2008. If you haven't applied the update spelled out in MS08-037, do so now.
According to a security advisory that Microsoft issued late last week -- after attack code geared to the DNS bug went public -- users who have installed the update are safe from attacks using the currently available exploits.
I use a Mac. What do I do?
As Mogull said in the story he wrote for TidBits last week: "Apple has not yet provided a patch, unlike dozens of other companies that make or distribute operating systems or DNS server software. Their customers are now in danger and Apple needs to respond immediately."
Fortunately, notes Mogull, attacks are much more likely against Mac servers than individual Macs, so though the later are technically vulnerable, "there's no need to panic."
My ISP isn't doing squat. What's my next move?
You can shift to other DSN servers, in effect abandoning those run by your ISP.
Several prominent security experts, including Kaminsky, have recommended OpenDNS, a free service that includes detailed instructions on how to steer your browser to its servers for DNS lookups by modifying settings in your operating system or router.