Apple has at last issued a patch for the DNS flaw considered one of the most dangerous vulnerabilities ever to affect the Internet.
On Friday, Apple posted a security advisory saying that the patch will fix Apple's implementation of the Berkeley Internet Name Domain (BIND) DNS server in Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5.4, and Mac OS X Server v10.5.4.
The DNS flaw allows an attacker to execute a cache poisoning attack, where traffic to a legitimate domain name is redirected to a malicious one after an attack on a DNS server. The user can type in the correct name for a Web site, but get a fake one instead, which can enable a phishing attack. While some users might notice if they're directed to a odd-looking Web page, many people could be successfully fooled.
Apple is among a handful of companies that security experts have said moved far too slow in reacting to the DNS bug. Other vendors, including Cisco and Microsoft, had patches ready when the existence of the flaw was disclosed on July 8. But some network administrators have reported compatibility problems with those early patches.
ISPs and major vendors with either DNS software or DNS services applied patches after the flaw's discoverer, security researcher Dan Kaminsky, coordinated a secret patching effort.
Details of how to exploit the flaw were eventually leaked on July 21, making those with still-unpatched systems especially vulnerable.
Many ISPs still have not patched their systems, and Kaminsky said those companies are moving far too slow given the danger the vulnerability poses. Some attacks have been reported.
Apple has also wrapped a dozen other fixes in the security update. The fixes can be downloaded individually or the "software update" feature can be used in OS X to download the whole batch.
This whitepaper explains the terminology and concepts behind Data Replication technologies and establishes some sizing rules through worked examples. Learn the new paradigm in disaster tolerance—protect data anywhere.
Download now »
Server virtualization is a popular option for dealing with mounting datacenter costs. Another equally promising approach is the use of an Application Delivery Controller. Citrix NetScaler provides a low-cost way for organizations to reduce their server count and accrue cost savings from a reduction in space, cooling, power and personnel.
Download now »
The emergence of WLANs has created a new breed of security threats to enterprise networks.
Included in HP ProCurve WLAN solutions is security technology that alleviates threats from WLANs through:
* Monitoring wireless activity inside and out of the enterprise
* Classifying WLAN transmissions into harmful and harmless
* Preventing transmissions that pose a security threat to the enterprise network
* Locating participating devices for physical remediation
Effectively address data protection challenges, implementing solutions that help store and protect business–critical data while cutting costs and improving efficiency and reliability.
Download now »
Sign up to receive Security Resource Alerts
This white paper provides guidance on how to develop a strategic approach to managing and monitoring logs, a key function required for compliance with many regulatory mandates and a critical defense against security threats.
Download now! »
Learn about the processes and technologies that support security information management (SIM) operations, as well as the business case for SIM. The series examines different options for implementing SIM and gives you evaluation criteria for selecting the best option for your organization.
Download now! »
Learn the strategies, actions, and capabilities that Best-in-Class organizations employ and technologies they choose to obtain superior performance against various security performance metrics. This report provides guidelines for identifying which security solutions to consume as a MSS and defines best practices for choosing and managing MSSPs.
Download now! »
Recommend This
