Slashdot Mirror

← Back to Stories (view on slashdot.org)

Apple Patches Kaminsky DNS Vulnerability

Posted by kdawson on from the cache-me-if-you-can dept.

Alexander Burke writes "Apple has just released Security Update 2008-005, which patches BIND against the Kaminsky DNS poisoning issue. 'This update addresses the issue by implementing source port randomization to improve resilience against cache poisoning attacks. For Mac OS X v10.4.11 systems, BIND is updated to version 9.3.5-P1. For Mac OS X v10.5.4 systems, BIND is updated to version 9.4.2-P1.' It also closes the script-based local privilege escalation vulnerabilities, the most common examples of which were ARDAgent and SecurityAgent, and addresses other less-publicized security issues as well." A few days back we noted Apple's tardiness in fixing their corner of this Net-wide issue.

2 of 89 comments (clear)

  1. Re:They might have been slow... by NotWorkSafe · · Score: 0, Flamebait

    No 10.3 version? Cry me a river. Are you going to complain about the lack of Windows 98 version as well?

    --
    There is no theory of evolution. Just a list of animals Chuck Norris allows to live.
  2. Re:Good job apple by falcon5768 · · Score: 0, Flamebait

    Hundreds of thousands of education institutions, the US Military (Navy and Army in particular), and a number of Fortune 500 companies are nothing huh?

    --

    "Slashdot, where telling the truth is overrated but lying is insightful."