The Mac Observer

Skip navigational links

You're viewing an article in TMO's historic archive vault. Here, we've preserved the comments and how the site looked along with the article. Use this link to view the article on our current site:
Apple Security Update 2008-005 Fixes DNS Issue

Apple Security Update 2008-005 Fixes DNS Issue

by , 7:55 AM EDT, August 1st, 2008

Apple rolled out a late day security update on Thursday that addressed potential DNS-related flaws in Mac OS X Leopard and Tiger. Security Update 2008-005 prevents malicious attackers from forging Web sites -- a trick that could potentially be used for phishing attacks where hackers trick Web surfers into giving up personal information like passwords and bank account data.

The security update fixed flaws that could allow an attacker to use the Open Scripting Architecture to run commands with elevated privileges. It also addressed problems where maliciously crafted Web sites could use CoreGraphics to crash applications or run arbitrary code, maliciously crafted messages could use Data Detectors to crash applications, emac could be used to gain System Privileges after Disk Utility's Repair Permissions tool has been run, and OpenLDAP and OpenSSL could be used to crash applications or run arbitrary code.

PHP was updated to version 5.2.6 to block several potential security issued that could lead to crashed applications or arbitrary code execution.

A flaw in QuickLook was patched that could lead to crashed apps or arbitrary code execution, and rsync was updated to prevent remote attackers from accessing or overwriting the module root.

Security Update 2008-005 requires Mac OS X 10.4.11 or 10.5.4, or Mac OS X Server 10.4.11 or 10.5.4. It is available via Apple's Software Update application, or as a downloadable installer at the Apple Support Web site.

Recent Headlines - Updated August 29th

Fri,7:45 PM
Back from the Dead: Using Apple’s Abandoned Safari for Windows Today
7:00 PM
Keychain 101: Getting Started with Apple’s Password Manager
5:15 PM
An iPhone 6s That Can Record 4K Video Means a 4K Apple TV
4:53 PM
Drive Genius 4: $49.99
4:33 PM
Losing Ian Rogers Sucks for Apple and the Music Industry
3:10 PM
Google Instructs Advertisers on How to Bypass Apple Security - But There’s More
2:40 PM
How to Lock the Dock Size, Position, and Contents in OS X
1:33 PM
Satisfy Your Growing Storage Needs with a 5TB External Drive for $130
1:24 PM
TMO Daily Observations 2015-08-28: Apple’s in-store iPod, um, Shuffle
11:45 AM
How To Use Your iPhone’s Barometer to Crowdsource Weather
11:30 AM
Apple Watch is Gaining on Fitbit, but that Doesn’t Mean Fitbit is Screwed
10:07 AM
The iPod Has Been Relegated to the Back of the Apple Store, But with Good Reason
  • __________
  • Buy Stuff, Support TMO!
  • Podcast: Mac Geek Gab
  • Podcast: Apple Weekly Report
  • TMO on Twitter!