The Mac Observer

Skip navigational links

Choose text size: Select small text. Select medium text. Select large text.

You're viewing an article in TMO's historic archive vault. Here, we've preserved the comments and how the site looked along with the article. Use this link to view the article on our current site:
Apple Security Update 2008-005 Fixes DNS Issue

Apple Security Update 2008-005 Fixes DNS Issue

by , 7:55 AM EDT, August 1st, 2008

Apple rolled out a late day security update on Thursday that addressed potential DNS-related flaws in Mac OS X Leopard and Tiger. Security Update 2008-005 prevents malicious attackers from forging Web sites -- a trick that could potentially be used for phishing attacks where hackers trick Web surfers into giving up personal information like passwords and bank account data.

The security update fixed flaws that could allow an attacker to use the Open Scripting Architecture to run commands with elevated privileges. It also addressed problems where maliciously crafted Web sites could use CoreGraphics to crash applications or run arbitrary code, maliciously crafted messages could use Data Detectors to crash applications, emac could be used to gain System Privileges after Disk Utility's Repair Permissions tool has been run, and OpenLDAP and OpenSSL could be used to crash applications or run arbitrary code.

PHP was updated to version 5.2.6 to block several potential security issued that could lead to crashed applications or arbitrary code execution.

A flaw in QuickLook was patched that could lead to crashed apps or arbitrary code execution, and rsync was updated to prevent remote attackers from accessing or overwriting the module root.

Security Update 2008-005 requires Mac OS X 10.4.11 or 10.5.4, or Mac OS X Server 10.4.11 or 10.5.4. It is available via Apple's Software Update application, or as a downloadable installer at the Apple Support Web site.

Observer Comments

Show: Subjects Only | Full Comments
Comment on this Article


Guest Posts Visible. Hide Them.
Back to top  Page 1 of 1    

Comments are currently closed. Please email the author instead.


Recent Headlines - Updated February 12th

Sat, 4:11 PM
MacOS KenDensed - MacOS KenDensed: iPad 3 Frenzy, Big-time Apple & Steve Jobs, G-Man
Fri, 8:10 PM
News - Apple Sues Motorola Mobility in California Over German Case
7:54 PM
Free on iTunes - OnLive Desktop: Windows & Office on Your iPad
7:43 PM
Product News - Apple Rolls Out MacBook Air Configurations for Education
6:35 PM
Just a Peek - Battle Pocket Bulge With The Hint for iPhone
6:01 PM
Rumor - Apple Reportedly Bringing MacBook Air Styling to Pro Line
4:50 PM
Particle Debris - The Hidden Gotchas of Browser Security
3:56 PM
Apple Stock Watch - Analyst: Paying a Dividend Makes Sense for Apple
2:58 PM
Deal Brothers - iMac 27-inch 2.93GHz Intel Quad-Core i7 processor:  $1,999
2:45 PM
In-Depth Review - Theodolite App for iOS is Breathtaking
12:52 PM
Apple Stock Watch - Mizuho Securities Starts Apple Coverage with $635 Target
11:35 AM
Hot Forum Topic - Forum Poll: Are You Planning on Buying a New iPad?

The Mac Observer Reader Specials

  • TypeStyler 11 is now in the Mac App Store!! -- Special Introductory Price of $59.95!! -- To Buy From The Mac App Store Click Here Now!! Or buy direct from Strider Software.
  • Mac RAM Upgrades: MacBook Pro 16GB kits $475, 8GB Kits for $119.99! iMac 16GB RAM Kits (4x 4GB) for $229.99! Mac Pro Memory 32GB Kit for $399.99, 64GB Kit for $889.99! Mac Hard Drives 2TB Seagate SATA II for $249.99! Click Here!
  • Poker Mac If you're using a Mac, then you've gotta check out Online Poker Mac. This mac poker and online casino mac site actually does the unthinkable, it actually rewards!
  • __________
  • Buy Stuff, Support TMO!
  • Podcast: Mac Geek Gab
  • Podcast: Apple Weekly Report
  • TMO on Twitter!