Quantcast

Apple Bites Back At Critical DNS Flaw

Leopard and Tiger updated with fix

Get the WebProNews Newsletter:
[ Technology]

Apple took nearly a month after other major DNS system vendors to release a patch for a major vulnerability that has exploit code in the wild.

Administrators for Apple systems running DNS will see a patch among the items arriving in a newly-released security update for their OS X operating system. The widely discussed cache poisoning flaw could cause a nameserver to return forged information to a system requesting it.

Numerous major vendors met earlier in the year to discuss the problem with DNS. On July 8, Microsoft, Cisco, and others released a patch to address what has been described as the most serious flaw ever seen online.

Exploit code quickly became available once a security researcher, Halvar Flake, speculated on the nature of the flaw. A security firm briefed on the flaw confirmed the hypothesis with a blog post they published and subsequently withdrew, unfortunately not before many witnessed that confirmation.

If exploited, a cracked nameserver could redirect requests for websites to any site of the attacker’s choosing. Couple that with a well-forged financial site, and the criminal owns an easy way to steal personal information with no indication to the victim about the event.

The BIND nameserver is turned off by default in OS X, limiting the scope of the vulnerability on the platform. But considering the deep roots OS X has in Unix-type operating systems, it seems strange the company took so long to follow the rest of the industry in patching DNS.

Apple Bites Back At Critical DNS Flaw
Top Rated White Papers and Resources
  • Guest

    Its apple, hence it doesn’t work, but at least it looks pretty….  I say stop drinking the kool-aid… Apple isn’t special…

    • Apple wins again!

      Why the anti-Apple reaction?  Not everything Apple makes is perfect, but their batting average certainly puts Microsoft to shame.  I use systems running OS X, Windows Vista and XP every day and my productivity using OS X is much higher.  Vista is a joke and Microsoft should be ashamed for selling such a poor product.  Nearly 28 million OS X users agree.

      • Guest

        Proof, I say not to the previous commenter.

        Good luck trying to say 28 million "mac" users agree with you.. I’ve decided against mac from day one because of my experiences and "lack" of productivity using it ; Since I’ve moved to rapid development in a windows environment, our ROI and productivity has went up substancially…

        Before you make claims, back them up with something

  • Guest

    And how many Apple DNS servers were compromised by this horrific security breach?  Oh, we’ll get right on that….

  • Guest

    Maybe your productivity has gone up for producing raw content, but how much do you have to go back and check your work if you spell SUBSTANTIALLY incorrectly?