Latest News

Telstra-led consortium to build out NSW's digital twin

Victoria embarks on govt cyber security uplift

UK seeks to break down digital trade barriers

India antitrust probe finds Google abused Android dominance

Why educators should partner rather than compete with EdTech

Apple patches DNS hole

By Stewart Meagher on Aug 4, 2008 9:35AM

Apple patches DNS hole

Apple has released a security patch which fixes a much-publicised flaw in Domain Name Server (DNS) security, which could have allowed cache-poisoning attacks.

Security Update 2008-005, which is available through Software Update under the Apple icon in the menu bar also fixes a number of other security issues as follows.

Open Scripting Architecture Fixes an elevated privileges bug when loading plugins CarbonCore Fixes stack overflow in handling long file names. Potential code execution.

CoreGraphics Fixes two bugs, both code execution, one for malicious graphics the other for malicious PDFs. Data Detectors Engine Prevents engine crashes when parsing maliciously-crafted content. Disk Utility Stops local users from obtaining System privileges.

OpenLDAP Fixes an ASN parsing bug which can lead to a crash. OpenSSL Repairs range checking error which can lead to remote code execution. PHP Fixes five different bugs, one of which can lead to remote code execution.

QuickLook Blocks maliciously-crafted Microsoft Office files which can cause QuickLooks to crash or allow remote code execution. rsync Fixes path validation errors.

The 65Mb, download which is available as you read, addresses all of the above problems, some of which were first reported way back in September 2007. µ

Got a news tip for our journalists? Share it with us anonymously here.

theinquirer.net (c) 2010 Incisive Media

Tags:

apple dns finally hole patches security

Partner Content

Why encryption is the key to digital fitness, according to Thales

Partner Content Why encryption is the key to digital fitness, according to Thales

From 30 people to 6 million: How workplace tech is driving Movember's global community

Promoted Content From 30 people to 6 million: How workplace tech is driving Movember's global community

Solving the post-COVID digital access control headache

Partner Content Solving the post-COVID digital access control headache

Taking the fast track to B2B digital fitness

Partner Content Taking the fast track to B2B digital fitness

Sponsored Whitepapers

Tomago Aluminium improves SAP environment performance, security with Red Hat and IBM

Tomago Aluminium improves SAP environment performance, security with Red Hat and IBM

Future of work: Support your distributed HR workforce with digital document processes

Future of work: Support your distributed HR workforce with digital document processes

Develop a resiliency strategy that integrates risk analysis & continuity management

Develop a resiliency strategy that integrates risk analysis & continuity management

IBM Maximo: Manage any asset, anytime, any place with mobile EAM

IBM Maximo: Manage any asset, anytime, any place with mobile EAM

Optimise your operations with APM and AI-Powered insights

Optimise your operations with APM and AI-Powered insights

Events

Nutanix .NEXT Conference

Most Read Articles

Westpac replaces branch phone systems with iPhones, Teams Calling

Westpac replaces branch phone systems with iPhones, Teams Calling

Australia Post nears end of massive telco transformation

Australia Post nears end of massive telco transformation

Westpac loses its group head of data and advanced analytics

Westpac loses its group head of data and advanced analytics

NBN Co to charge free fibre recipients that don't stick with higher speed plans

NBN Co to charge free fibre recipients that don't stick with higher speed plans

Most popular tech stories