Patch/Configuration Management, Vulnerability Management

Apple fixes another DNS vulnerability

Apple released a security update for its OS to fix several security issues, most notably another fix for the notorious Domain Name System (DNS) cache poisoning problem as well as a vulnerability within PostScript font names.

The Security Update 2008-006 and Mac OS X v. 10.5.5 security update fixed roughly 35 bugs, including issues with open source components and a login password glitch.

DNS cache poisoning is a major vulnerability first revealed in July by Dan Kaminsky and it affects all operating systems, said Rami Habal, director of product marketing at email security firm Proofpoint.

Apple resolved a DNS problem in its implementation of libresolv, which provides translation between host names and IP addresses for applications that use the unicast DNS resolution API found in Libresolv. This summer, Apple patched its version of the Berkeley Internet Name Domain (BIND) DNS server for the cache poisoning problem.

The DNS vulnerability enables hackers to manipulate the IP address and send users to a spoofed page of a legitimate site, Habal told SCMagazineUS.com on Tuesday.  

“The fake site looks like the real site,” Habal said, “and tricks users into providing personal information.”

Another important patch fixes a flaw in Apple Type Services' handling of PostScript font names, according to the Apple Support website. Viewing a document that contains a malicious font may lead to arbitrary code execution.

“If somebody were to create a specially crafted PostScript document on a website, a user could open the document and leave it vulnerable to an attacker to load malicious software on your computer,” John Pescatore, analyst at Gartner, told SCMagazineUS.com. “That enables trojan horse fonts to be installed.”

Pescatore added that these patches are fairly complicated, but there is disappointment that Apple didn't provide the patches sooner.

“These were serious flaws that took a pretty long time to fix,” he said.

Apple did not respond to a request for comment.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.