Do NOT cross the streams!
Yes, use after free is certainly part of the problem. But it is not the root issue. The root issue is that, in its infinite wisdom and attention to security, it is allowing customers (attackers) to register domain names in the same namespace as it is using for its own business. Certainly, it needs to allow customers some name space to register their domains. But there is no excuse for using that same namespace for its business. None.
This is an architecture issue. Architect things properly, and sloppy housekeeping won't burn you down. Architect them poorly....
Biting the hand that feeds IT
