The DNS exploit is now in the wild. DNS servers that have not been patched can be exploited so that if you type a URL, such as for your bank’s website, you may be directed to some other site pretending to be your bank. You won’t be able to tell the difference, since the DNS name server will tell you that that is actually the bank’s site. From there, the site can steal your user name, password and other data.
To test whether your ISP has patched their DNS servers, go to Dan Kaminsky’s blog and use the Check My DNS button. More than 52% of ISPs have vulnerable DNS name servers!