No. 1 Story
Technology reinforces generation gap
If you believe that technology could be bridging the generation gap, think again. According to Deloitte’s first State of the Media report it’s as stark as ever.
read moreMore From
Apple catches up with BIND as one of a dozen security patches
Stephen Withers
Monday, 04 August 2008 06:05
Page 1 of 3
Late last week Apple finally released a security update for Mac OS X that includes a patched version of the BIND DNS software. In all, there were a dozen patches released including the potentially serious BIND fix.BIND is part of Mac OS X, but is not enabled by default, A flaw in BIND made it vulnerable to cache poisoning attacks, which could lead to Internet traffic being silently diverted to malicious servers.
The underlying problem in the protocol was discovered earlier this year, and the developers of BIND and other affected DNS implementations worked to release new versions of the software early last month. Apple was relatively slow to deliver an updated version of BIND to its customers.
Apple's update installs version 9.3.5-P1 on Mac OS X 10.4.11 and 9.4.2.-P1 on 10.5.4.
Eleven other issues are fixed by Security Update 2008-005.
The SecurityAgent and ARDAgent issues reported earlier this year have been addressed by blocking privilege escalation for scripting additions.
Additional bounds checking in CarbonCore prevents long file names from causing a stack buffer overflow in CarbonCore which could previously lead to unexpected application termination or the execution of arbitrary code.
What else has been fixed? Find our on page 2.
You think you have a disaster recovery plan?
Think again. Most businesses only have PART of a DR plan - and this spells business disaster in the event of an IT disaster.
Download The Seven Sins of Disaster Recovery White Paper now and find out how you can prevent this happening to you.
