Featured Article: AAPL Gives Up Most of Wednesday's Gains, But Squeaks Out a Gain
Apple Security Update 2008-005 Fixes DNS Issue
by , 7:55 AM EDT, August 1st, 2008
Apple rolled out a late day security update on Thursday that addressed potential DNS-related flaws in Mac OS X Leopard and Tiger. Security Update 2008-005 prevents malicious attackers from forging Web sites -- a trick that could potentially be used for phishing attacks where hackers trick Web surfers into giving up personal information like passwords and bank account data.
The security update fixed flaws that could allow an attacker to use the Open Scripting Architecture to run commands with elevated privileges. It also addressed problems where maliciously crafted Web sites could use CoreGraphics to crash applications or run arbitrary code, maliciously crafted messages could use Data Detectors to crash applications, emac could be used to gain System Privileges after Disk Utility's Repair Permissions tool has been run, and OpenLDAP and OpenSSL could be used to crash applications or run arbitrary code.
PHP was updated to version 5.2.6 to block several potential security issued that could lead to crashed applications or arbitrary code execution.
A flaw in QuickLook was patched that could lead to crashed apps or arbitrary code execution, and rsync was updated to prevent remote attackers from accessing or overwriting the module root.
Security Update 2008-005 requires Mac OS X 10.4.11 or 10.5.4, or Mac OS X Server 10.4.11 or 10.5.4. It is available via Apple's Software Update application, or as a downloadable installer at the Apple Support Web site.
Observer Comments
Recent Headlines - Updated Wednesday, October 15th, 2008
- Wed., 1:50 PM
- How to Keep Leopard Purring
- 12:35 PM
- Microsoft Exec Says Mac Users Pay an "Apple Tax"
- 12:05 PM
- OWC Announces Memory Upgrade Kits for New MacBooks
- 9:40 AM
- Forum Poll: Are You Buying a New MacBook or MacBook Pro?
- 9:15 AM
- TextSoap 6 Improves Cleaner Editor
- 8:40 AM
- Analyst: $999 MacBook Big News
- 8:20 AM
- Typinator 3.2 Adds FileMaker Snippets
- 7:55 AM
- Apple Posts MacBook, Display Event Video
- 7:30 AM
- Flash Player 10 Sports 3D, GPU Acceleration Support
- 12:10 AM
- Adobe Ships Creative Suite 4 Apps
The Mac Observer Reader Specials
- Download Typestyler, still the Ultimate Styling Tool for Internet, Print and Video Graphics. Works great in Classic with a Native OS X Version on the way. Free Tryout: www.typestyler.com
OWC: Juice up your iPod w/NewerTech High Capacity Battery from $19.99 Free Installation Videos for most models. Pro Installation Service w/FedEx Shipping From $57.95 (Battery Included). - www.MacSales.com
MacBook/MacBook Pro / MacMini / iMac Intel Core2 DUO DDR2 667Mhz 4GB Kit $80, 3GB Kit $60, 2GB Kit $40, 1GB $20 - Click to Maximize your Macs...
Mac observers can now play Party Poker for Mac as well as Mac casino games by going to MacPokerOnline.com.
RamJet Memory: Mac Pro FB-DIMMs: 2Gig kit $95, 4Gig Kit $179, 8Gig Kit $355! MacBook 2Gig Kit $78, 4Gig Kit $149! Click hereFor the latest Apple products use Ciao a comparison website to find laptops like MacBook Air. Then find the best prices on MP3 players and use our comparison tool to evaluate cell phones.
Laptop Hardware Provided by TechRestore - Overnight Mac & iPod Repairs.
Navigon 2100 GPS: $79.99 
Hyundai X224W 22" Widescreen LCD Monitor: $169.99 
Samsung WEP250 Bluetooth Headset: $10.45 Delivered A/R 
Samsung WEP301 Bluetooth Headset: $7.15 Delivered A/R 
Sony Bravia Z-Series KDL-46Z4100/B 46-Inch 1080p 120Hz LCD HDTV: $1842.12 
