Home / News

Apple Finally Patches DNS Flaw

  • Aug 01, 2008 7:32 AM PST
  • Comments: 3
  • Views: 3,043
Print Comment
PC World

Apple which has been under criticism by security experts for being slow in patching a major DNS flaw, has at last issued a patch in a security update for its OS X operating system and other software late Thursday.

Apple is among a handful of companies that security experts have said moved far too slow in reacting to the DNS bug. Other vendors, including Cisco and Microsoft, had patches ready when the existence of the flaw was disclosed on July 8, 2008. But some network administrators have reported compatibility problems with those early patches.

Read full story: PC World

Related topics: DNS, Security

WEEKLY WRAP — Get CircleID's Weekly Summary Report by Email:
Print Comment

Comments

Re: Apple Finally Patches DNS Flaw Fergie  –  Aug 01, 2008 12:11 PM PST

But wait — there's more, and it's not all good.

There is a report from the SANS Internet Storm Center that while "...Apple might have fixed some of the more important parts for servers, but is far from done yet as all the clients linked against a DNS client library still need to get the workaround for the protocol weakness."

FYI,

- ferg

# 1 Reply  |  Link  |  Report Problems
Not good. Matthew Elvey  –  Aug 05, 2008 11:09 AM PST

Not to mention that the iPhone includes BIND code and it hasn't been patched at all.
(The "Legal" section includes bind license terms.) I haven't seen that mentioned anywhere.  At least the doxpara.com test says the name server my iPhone uses is OK.  Wait, WTF? My iPhone is using 208.67.219.13, AKA bld3.pao.opendns.com.  Ok, getting OT now...but that is interesting.

# 2 Reply  |  Link  |  Report Problems
Correction; when not on WiFi, my iPhone Matthew Elvey  –  Aug 05, 2008 9:14 PM PST

Correction; when not on WiFi, my iPhone uses 209.183.54.151, AKA bthinetdns.mycingular.net, which doxpara says is OK.

# 3 Reply  |  Link  |  Report Problems

To post comments, please login or create an account.

Related Blogs

What Does It Take To Repair Trust? What Will It Take ICANN To Win Back "Trust"? (Part I)

  • Feb 08, 2012
  • Comments: 0

Is ICANN Opening up Public Comment Periods in Bad Faith?

  • Feb 07, 2012
  • Comments: 1

Phish or Fair?

  • Feb 07, 2012
  • Comments: 4

The FBI and Scotland Yard vs. Anonymous: Security Lessons

  • Feb 06, 2012
  • Comments: 0

World Notices That Verisign Said Three Months Ago That They Had a Security Breach Two Years Ago

  • Feb 02, 2012
  • Comments: 2
View More

Related News

DNSChanger Trojan Still Running on Half of Fortune 500s, US Govt

  • Feb 02, 2012
  • Comments: 0

Public-Private Cooperation Policy for Cyber Security Suggested by Commissioner Kroes

  • Jan 31, 2012
  • Comments: 0

DDoS Attacks Increased by 2000% in Past 3 Years, Asia Generating Over Half of Recent Attacks

  • Jan 31, 2012
  • Comments: 0

NASA Website Blocked Due to DNSSEC Error

  • Jan 25, 2012
  • Comments: 0

Websites Go Dark Protesting SOPA and PIPA, Senators Change Course

  • Jan 18, 2012
  • Comments: 0
View More

Topics

Access ProvidersLaw
BroadbandMalware
CensorshipMobile
Cloud ComputingMultilinguism
CyberattackNet Neutrality
CybercrimeP2P
CybersquattingPolicy & Regulation
Data CenterPrivacy
DNSRegional Registries
DNSSECRegistry Services
Domain NamesSecurity
EmailSpam
EnumTelecom
ICANNTop-Level Domains
Internet GovernanceVoIP
Internet ProtocolWeb
IP AddressingWhite Space
IPTVWhois
IPv6Wireless
View More

Industry Updates – Sponsored Posts

.ORG COO Discusses Priorities With DailyVista, Pursuit of .NGO Domain

  • By PIR
  • Views: 392

StarHub to Acquire '.starhub' New Top-Level Domain

ARI Registry Services Signs 21 Contracts in the First Week of New TLD Applications

MarkMonitor to Exhibit at Internet Tech Policy Exhibition and Reception to be Held on Capitol Hill

Sedari Signs With Dot Moscow Bidders

.ORG, The Public Interest Registry Welcomes Nancy Gofus As Chief Operating Officer

  • By PIR
  • Views: 721

Minds+Machines Works with .bayern

Verisign to Award New Infrastructure Research Grants

Being a .PRO When Choosing a Registry Services Partner

UK Cabinet Office Looks to BlueCat Networks' Expertise and Best Practices for Securing PSN

dot Brand Makes Its Debut: Afilias Advises Companies to Act Now for Successful TLD Applications

BlueCat Networks Helps Organizations Transition to IPv6 with HP

BlueCat Networks to Host Webinar on DNS, DHCP and IPAM Featuring Independent Research Firm

Facets of gTLD Registry Technical Operations - Registry Services

Technology and Finance Industries to Dominate New gTLD Applications

Nixu SNS 2.5 Series Gives Fresh Views on DNS

Afilias Says "No" to SOPA

Breaking the DNS: Another Look at How SOPA Could Be Destructive

  • By Dyn
  • Views: 1,399

IPAM and DHCPv6 Shake Hand in Nixu NameSurfer 7.1 Series

2011: A Year in Review, from the Yes2DotAfrica Campaign

View More

Hot Topics

Afilias

DNSSEC

Sponsored by
Afilias
Verisign

Security

Sponsored by
Verisign
Minds + Machines

Top-Level Domains

Sponsored by
Minds + Machines
dotMobi

Mobile

Sponsored by
dotMobi
Neustar UltraDNS

DNS

Sponsored by
Neustar UltraDNS
View More