The Mac Observer

Skip navigational links

Featured Article: AAPL Gives Up Most of Wednesday's Gains, But Squeaks Out a Gain

Apple Security Update 2008-005 Fixes DNS Issue

by , 7:55 AM EDT, August 1st, 2008

Apple rolled out a late day security update on Thursday that addressed potential DNS-related flaws in Mac OS X Leopard and Tiger. Security Update 2008-005 prevents malicious attackers from forging Web sites -- a trick that could potentially be used for phishing attacks where hackers trick Web surfers into giving up personal information like passwords and bank account data.

The security update fixed flaws that could allow an attacker to use the Open Scripting Architecture to run commands with elevated privileges. It also addressed problems where maliciously crafted Web sites could use CoreGraphics to crash applications or run arbitrary code, maliciously crafted messages could use Data Detectors to crash applications, emac could be used to gain System Privileges after Disk Utility's Repair Permissions tool has been run, and OpenLDAP and OpenSSL could be used to crash applications or run arbitrary code.

PHP was updated to version 5.2.6 to block several potential security issued that could lead to crashed applications or arbitrary code execution.

A flaw in QuickLook was patched that could lead to crashed apps or arbitrary code execution, and rsync was updated to prevent remote attackers from accessing or overwriting the module root.

Security Update 2008-005 requires Mac OS X 10.4.11 or 10.5.4, or Mac OS X Server 10.4.11 or 10.5.4. It is available via Apple's Software Update application, or as a downloadable installer at the Apple Support Web site.

Observer Comments

Show: Subjects Only | Full Comments
Comment on this Article

Log in | Register | Having Problems? Reset TMO Cookies & Try Again
Username:   Password:   Log me on automatically each visit   

You are not logged in, and this post will appear as "Guest." Log in with your username and password from the TMO forums. If you do not have a username, you can register here.
Please note that guests are limited to including a maximum of two URLs per post.


Post A Comment
  Subject


  Your Comments



Please enter the word exactly as you see it in the image above. Registered users aren't prompted for this. Having trouble reading the image get a new one.


Recent Headlines - Updated Wednesday, October 15th, 2008

Wed., 1:50 PM
How to Keep Leopard Purring
12:35 PM
Microsoft Exec Says Mac Users Pay an "Apple Tax"
12:05 PM
OWC Announces Memory Upgrade Kits for New MacBooks
9:40 AM
Forum Poll: Are You Buying a New MacBook or MacBook Pro?
9:15 AM
TextSoap 6 Improves Cleaner Editor
8:40 AM
Analyst: $999 MacBook Big News
8:20 AM
Typinator 3.2 Adds FileMaker Snippets
7:55 AM
Apple Posts MacBook, Display Event Video
7:30 AM
Flash Player 10 Sports 3D, GPU Acceleration Support
12:10 AM
Adobe Ships Creative Suite 4 Apps
 

The Mac Observer Reader Specials

  • Special Report: iPhone
  • __________
  • Help TMO Grow
  • Macworld Expo - Hotel Deal
  • Podcast: Mac Geek Gab
  • Podcast: Apple Weekly Report
  • TMO on Twitter!

Apple Stock Quote

  • AAPL: $101.75. Change Today: -2.33.
  • (Prices delayed up to 20 minutes.)
  • Discuss in our Apple Finance Board

Hot Topics

Top Deals From DealsOnTheWeb