Apple releases patch for critical flaw

Tiger and Leopard fit to roar

Post a comment
Print

By Steven Musil, 1 August 2008 09:08

NEWS

Apple released a security update yesterday to users of its Tiger and Leopard operating systems to address a critical Domain Name System flaw, along with a dozen other updates.

The DNS flaw, which was first reported by Dan Kaminsky of IOActive on 8 July, could allow attackers to redirect website visitors to any site they choose and present forged information. The DNS translates the common name of a website into its numerical IP address, and is therefore a fundamental component to the internet.

An exploit code that could allow someone to attack the DNS was available in various places on the internet on 23 July.

Apple's update also fixes a QuickLook bug where loading a malicious Microsoft Office file could lead to "arbitrary code execution".

Apple recommends Security update 2008-005 for all systems running Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5.4, Mac OS X Server v10.5.4. The update is available at Apple.com or through the update mechanism in OS X.

Post a comment
Print

Post your comment

In order to post a comment you need to be registered and logged in.

Latest Security stories

Featured white papers

Vulnerability Management Buyer's Checklist

Qualys

Key Questions to Ask Before You Select a VM Solution Choosing a solution for Vulnerability Management (VM) is a critical step toward protecting your organisation's network and data. Without proven, automated technology for precise detection and remediation, no network can withstand the daily onslaught of new vulnerabilities that threaten security. To help finalise your decision on which solution to buy, Qualys provides this 12-point short list of considerations that will help you determine what will work best for your organisation.

Download now »
Creating a Dynamic Infrastructure through Virtualization

IBM

In almost every case,the transformation to a dynamic infrastructure will involve virtualization.Many IT professionals think of virtualization specifically in terms of servers.IBM,however,has a broader perspective,in which virtualization is seen as a generalapproach to decouple logical resources from physical elements,so that thoseresources can be allocated faster,more cost-effectively and more dynamically,wherever the business requires them in real time to ideally meet changingdemand levels or business requirements.

Download now »
How IP geolocation can improve your website experience and marketing activity

Quova

With geolocation technology, you can know a web user's real world whereabouts. This report examines the benefits from the fictional retailer's point of view. Things-4-You- a thriving online business, which had a poor record in converting online visitors into buying customers. Things-4-You demonstrates the potential of IP geolocation online. retailers.

Download now »