The Register® — Biting the hand that feeds IT

Feeds

Apple update patches serious DNS flaw in Mac OS X

In a BIND no more

By Dan Goodin, 12th August 2009
  • print
  • alert

Cloud based data management

Two weeks after internet overlords warned of a serious vulnerability in one of the most widely used programs for resolving domain names, Apple has updated its Mac OS X operating systems to fix the security bug.

The update, released Wednesday, patches a hole in BIND, the net's most popular domain name system package. It's available for both client and server versions of the Mac OS and follows an update released last week that plugged 18 holes and a separate fix issued on Tuesday for six holes in Apple's Safari browser.

It brings relief for a logic issue in the handling of dynamic DNS update messages that allowed attackers to crash servers at will. Exploits using an ANY record in the prerequisite section of a crafted dynamic update message were already in the wild, prompting urgent calls for software that incorporated BIND to be updated as soon as possible. ®

Regcast training : Hyper-V 3.0, VM high availability and disaster recovery

COMMENTS

House Rules Send Corrections
All Reader Comments (4)
Latest Comments
Anonymous Coward

@Anon

Apple didn't write BIND either, they just supply it.

0
0
Grant Mitchell

@anon

Ok, I shouldn't really feed the trolls, but on the off-chance this guy isn't a troll, and is just totally clue-less and computer illiterate.

It takes time for patches to be released from all vendors for several good reasons.

1. They need to understand the bug. Fools rush in, etc...

2. They need to test the patch fixes the problem.

3. They need to confirm it doesn't affect the operation of the system adversely.

4. They need to confirm it doesn't introduce more bugs.

5. They need to package it, and submit the patch and installer for regression testing.

etc.

This actually takes some time, no matter how many people you throw at it.

0
0
Anonymous Coward
Anonymous Coward

Good work Apple.

While BIND is included in both the server and client versions of OS X it's not enabled by default.

0
0

More from The Register

breaking news
Number of cops abusing Police National Computer access on the rise
Only a telegram from the Queen can get you off it
136
breaking news
NSA PRISM snoop-gate: Won't someone think of the children, wails Apple
10,000 things probed, mostly about missing kids, Alzheimer patients, we're told
96
Flash flaw potentially makes every webcam or laptop a PEEPHOLE
But it's a Google problem - Chrome only, insists Adobe
61
Internet fraud still stings suckers
Australians twice as gullible as Americans
36
breaking news
NSA PRISM-gate: Relax, GCHQ spooks 'keep us safe', says Cameron
Whatever they are up to, it's all above board, we're told
90
breaking news
Yahoo! joins! rivals! in! PRISM! data! request! admission!
Keep calm and carry on using American tech firms, folks
41
PRISM snitch claims NSA hacked Chinese targets since 2009
Snowden suddenly looks safer in Hong Kong after revelations
33
breaking news
US chief spook: Look, we only want to spy on 6.66 BEELLLION of you
Americans assured they are not in the NSA's sights
68
Speech-to-text drives motorists to distraction
Will talking to you mean I crash into that car up ahead, Siri?
30
DHS warns of vulns in hospital medical equipment
Has your doctor's anasthesia machine been hacked?
17