Apple Finally Releases DNS Patch for Mac OS X

Apple has issued a Mac OS X patch for the Domain Name System flaw that security researchers agree is one of the most dangerous vulnerabilities on the Internet.

Apple has been criticized for being late with a fix. Some vendors, including Microsoft, Cisco, Sun Microsystems, and various Linux distributors, issued a fix weeks ago.

While Apple was working on its patch, researchers released software that exploits the flaw that IOActive researcher Dan Kaminsky discovered. The attack code was released by developers of the Metasploit hacking toolkit, headed by the infamous HD Moore.

Kaminsky is scheduled to discuss the DNS flaw at the Black Hat hacker convention next week in Las Vegas, but details on how to exploit the vulnerability are widespread.

Sitting (Mac) Ducks

Unpatched Mac users appeared to be sitting ducks for an attack that could redirect legitimate Web traffic to a phishing server.

The DNS flaw now patched by Apple and other vendors is a serious one, according to Graham Cluley, a security analyst at Sophos.

"If exploited, it would allow hackers to poison Internet lookup tables, meaning that even if you typed in the correct name of your online bank, for instance, you would be taken to a malicious forged Web page instead," he said.

What's more, he said, hackers could post malicious software updates on the Web and fool legitimate programs into downloading them, thinking they were at the real update sites.

"Some commentators have criticized Apple for taking longer than other vendors
in producing a fix -- but the most important thing is that a fix is now available," Cluley said.

"Apple Mac users will be automatically alerted to the availability of new
security patches, and would be wise to install them," he said. "Businesses typically take a little longer to roll out security patches, as they often wish to check that no compatibility...