After plugging a series of security holes in Mac OS X on 6 Aug, Apple has issued another security update.
This time the patch is for the BIND service, and is aimed at systems running Mac OS X 10.5.8 and v10.4.11, including server editions. According to Apple, a logic issue in the handling of dynamic DNS (Domain Name System) update messages can cause an assertion to be triggered. Armed with a malicious updated message for the BIND DNS server, an attacker could interrupt the BIND service and cause the DNS server to terminate.
“The issue affects servers which are masters for one or more zones, regardless of whether they accept updates,” the Apple advisory stated. “BIND is included with Mac OS X and Mac OS X Server, but it is not enabled by default. This update addresses the issue by properly rejecting messages with a record of type ‘ANY’ where an assertion would previously have been raised.”
An exploit targeting the flaw has been reported in the wild.
Troubled battery maker Northvolt reportedly considers Chapter 11 bankruptcy protection in the United States as…
Microsoft's cloud business practices are reportedly facing a potential anti-competitive investigation by the FTC
Ilya Lichtenstein sentenced to five years in prison for hacking into a virtual currency exchange…
Target for Elon Musk's lawsuit, hate speech watchdog CCDH, announces its decision to quit X…
Antitrust penalty. European Commission fines Meta a hefty €798m ($843m) for tying Facebook Marketplace to…
Elon Musk continues to provoke the ire of various leaders around the world with his…