Apple Security Update 2008-005 Fixes DNS Issue
Apple Security Update 2008-005 Fixes DNS Issue
by , 7:55 AM EDT, August 1st, 2008
Apple rolled out a late day security update on Thursday that addressed potential DNS-related flaws in Mac OS X Leopard and Tiger. Security Update 2008-005 prevents malicious attackers from forging Web sites -- a trick that could potentially be used for phishing attacks where hackers trick Web surfers into giving up personal information like passwords and bank account data.
The security update fixed flaws that could allow an attacker to use the Open Scripting Architecture to run commands with elevated privileges. It also addressed problems where maliciously crafted Web sites could use CoreGraphics to crash applications or run arbitrary code, maliciously crafted messages could use Data Detectors to crash applications, emac could be used to gain System Privileges after Disk Utility's Repair Permissions tool has been run, and OpenLDAP and OpenSSL could be used to crash applications or run arbitrary code.
PHP was updated to version 5.2.6 to block several potential security issued that could lead to crashed applications or arbitrary code execution.
A flaw in QuickLook was patched that could lead to crashed apps or arbitrary code execution, and rsync was updated to prevent remote attackers from accessing or overwriting the module root.
Security Update 2008-005 requires Mac OS X 10.4.11 or 10.5.4, or Mac OS X Server 10.4.11 or 10.5.4. It is available via Apple's Software Update application, or as a downloadable installer at the Apple Support Web site.
Observer Comments
Comments are currently closed. Please email the author instead.
Recent Headlines - Updated February 9th
- Tue, 1:31 PM
- Jeff Gamet's Blog - Macworld Expo: It’s Our Show, Not Apple’s
- 10:38 AM
- Quick Look Review - Texas Tea for the iPhone and iPod touch
- 10:25 AM
- News - Apple Rolls Out Aperture 3 Video Tutorials
- 10:00 AM
- Hot Forum Topic - Backing Up Your iPhoto Library
- 9:35 AM
- Product News - Notebook, iThoughts Add TextExpander touch Support
- 9:00 AM
- Hidden Dimensions - The Killer Surprises Waiting for Steve Ballmer
- 8:50 AM
- Product News - Aperture 3 Adds Faces Support, More [Updated]
- 8:30 AM
- TMO Quick Tip - Fixing iPhone and MobileMe Sync Headaches
- 8:12 AM
- News - Apple Store Offline, Rumors Point to New Laptops
- 8:00 AM
- TMO Appearances - TMO’s Bryan Chaffin and the Atomic Love Bombs Perform During Macworld Expo
- Mon, 5:37 PM
- News - Juniper Readies Software to Improve Cell Carrier Networks
- 5:17 PM
- Macworld Expo - Macworld Expo 2010 Hess Party List Goes Online
The Mac Observer Reader Specials
- TypeStyler For Mac OS X is Now Shipping! Download The Free Fully Functional 60 Day Tryout at www.typestyler.com
RamJet Memory: Mac Pro 8GB Kit $275.99, Mac Pro 4GB Kits $145.99! Sale on MacBook and MacBook Pro 8GB kits $459.99! MacBook, MacBook Pro, iMac Mac mini 4GB Kits for $113.99! 1TB SATA Hard Drives for $109.99! Click here- If you own a car, you need CarMD! Catch problems, estimate repairs and more. Now for Mac. $98.99 at www.CarMD.com Save $10 with code TMO1.
If you're using a Mac, then you've gotta check out Full Tilt Poker for Mac. This Full Tilt Poker bonus code does the unthinkable, it actually rewards!For the latest Apple products use Ciao, a price comparison website, to find laptops like MacBook Air. Then find the best prices on MP3 players and use our comparison tool to evaluate mobile phones like the Apple iPhone.
Laptop Hardware Provided by TechRestore - Overnight Mac & iPod Repairs.
