Apple Clients Still Vulnerable After DNS Patch

Glenn Fleishman sends word that SANS Institute testing indicates that, even after installing Apple's latest patch for the DNS vulnerability, Leopard desktops (not servers) are still vulnerable — or at least perpetuate risky behavior that makes exploitation easier. This matters because "With servers rapidly being patched worldwide, it's likely that the low-hanging fruit disappears, and vectors [will be] designed to attack massive numbers of clients on ISP networks."

Late then broke then YAY!?

[Coolhand2120]

First Apple is late with the patch. Then the patch does not address the problem. And they do it again and again and again. Which is always met with great fanfare by Mac fans. Exhibit A is the first 50 posts here on slashdot. As long as Mac fans accept these BS patch fixes with a cheer, Apple will keep releasing patches that don't patch the probelm.

[sigh] even the article title is "DNS Clients Have Small Vector of Risk after Patch" ,,, where is the word 'small' in the /. title... ?

Unless lookupd is doing something really weird, this is a non-issue.

I don't understand how I can be vulnerable to this if I'm not running a DNS server. No open ports means no one can get in, unless I connect to them. If the DNS server I connect to is secured, how can anyone compromise my machine this way?

What it comes down to was Apple reported this patched fixed a problem that it did not fix. This means either they did not test the patch, incompetence, or they knew it didn't address the problem but told everyone it did, lies. All this defence of the indefensible makes people look like blithering idiots. If any company releases a patch that claims to patch something, then does not, that company deserves scorn, not this weak defence (oh it's not that bad!).