10.5.5 update fixes DNS vulnerability
Apple's Mac OS X 10.5.5 update (and Security Update 2008-006) fixes a critical DNS vulnerability that could allow attackers to trick victims into visiting malicious Web sites using what's known as a "cache poisoning attack." We wrote about the vulnerability in August.
Although Apple's release notes say BIND was updated "to address performance issues," the update also delivers the promised address port randomization that protects users from such cache poisoning attacks. The original patch offered protection for Apple's servers but did not completely protect client systems.
Apple's updates fixed flaws in several applications and system components, including some that attackers could use to run unauthorized software on a user's computer.
Subscribe to Newsletter
Software Updatesmore updates
- NFL Mobile updated for 2014 Season with new Fantasy Football features, NFL Now integration
- Yahoo Mail improves email inbox searching with new filtering options
- Ember for Mac gains 'hugely-requested' screen recording feature
- Spotify update adds equalizer, refreshed Artist page and more
- Fantastical 2.1 for iOS adds new snooze, search and notification features
- ExpanDrive 4, more services and faster sync