A huge percentage of the vulnerable servers were patched before the details of the flaw came out, thanks to behind-the-scenes work by Kaminsky, Microsoft, CERT and others. But, despite the success, Kaminsky said there are still serious dangers lurking in the DNS system. About one to three percent of DNS servers have had a confirmed cache-poisoning event, he said. He detailed several types of attacks that are possible as a result of the weaknesses in the system as well as in other parts of the security infrastructure, including SSL.
Source: https://threatpost.com/six-months-later-dns-still-taking-hit-022409/72382/