Skip to content
Thoughtful, detailed coverage of everything Apple for 28 years
and the TidBITS Content Network for Apple professionals

Series: DNS Flaws Could Have Led to Disaster

Flaws in the way in which the domain name system (DNS) has been implemented for years by dozens of different companies and entities – including the organization that maintains the DNS software used by Mac OS X client and server software – could lead to an easy exploit by those who want to redirect users to malicious sites for identity theft and malware installation. Fortunately, the problem was caught and fixed, although Apple’s response was much delayed and poorly communicated.

Rich Mogull Glenn Fleishman No comments

Apple Fails to Patch Critical Exploited DNS Flaw

Apple has made its biggest security stumble ever by not releasing a necessary patch for a serious DNS exploit that allows any domain name to be redirected to any IP address.

Glenn Fleishman Adam Engst No comments

Apple Finally Fixes DNS Flaw and ARDAgent Vulnerability

Install Security Update 2008-005 now! Apple has finally released a security fix for a serious DNS flaw that's being exploited in the wild. The update also includes fixes for other serious vulnerabilities.

Glenn Fleishman No comments

DNS Clients Have Small Vector of Risk after Patch

The SANS Institute finds that Apple's patch for a flaw in the DNS protocol doesn't fix client resolver software, leaving Macs vulnerable to a far-less-likely outcome.