informa
/
Risk
Commentary

Apple Patch Misses Some DNS Problems

Apple's release of a raft of patches included an overdue one for the DNS hole that's gotten so much attention over the past few weeks. Unfortunately the patch leaves some DNS problems still in the hole.
Apple's release of a raft of patches included an overdue one for the DNS hole that's gotten so much attention over the past few weeks. Unfortunately the patch leaves some DNS problems still in the hole.The patch array, Apple Security Update 2008-005 addressed 17 OS-X issues, but while addressing the fundamental DNS server problem, left client computers vulnerable, some observers noted.

Details of the partial patch are spelled out in a SANS security blog today.

Add this to the already gathering chorus of commentators chiding Apple for moving more slowly than other companies in addressing the DNS problem, and add that to the even louder chorus of complaint's about the iPhone's latest round of problems, and you have a glimpse of what's rapidly becoming Apple's longest, hottest summer.

It's all a shame -- Apple always had a reputation for sweating the details before release. Lately their rep is more one of sweating the press after the release.

Maybe they'll get the message -- and get the full DNS problem addressed soon.

Recommended Reading:
Editors' Choice
Kirsten Powell, Senior Manager for Security & Risk Management at Adobe
Joshua Goldfarb, Director of Product Management at F5