- Cool Yule Tools: 2008 Holiday Gift Guide
- 10 kitchen gadgets for the geek gourmet
- Google admits to violating iPhone development terms
- Smartphone smackdown: Storm vs. iPhone
- Google layoffs: 10,000 jobs being cut
Jason Meserve provides up-to-the-minute news on vendor security alerts and fixes.
Apple finally patches dangerous DNS flaw
Apple has at last issued a patch for the DNS (Domain Name System) flaw considered one of the most dangerous vulnerabilities
ever to affect the Internet. On Friday, Apple posted a security advisory saying that the patch will fix Apple's implementation
of the Berkeley Internet Name Domain (BIND) DNS server in Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5.4 and
Mac OS X Server v10.5.4. Apple has also wrapped a dozen other fixes in the security update. The fixes can be downloaded individually
or the "software update" feature can be used in OS X to download the whole batch. IDG News Service, 08/01/2008.
Also: Apple's patch fails to fix DNS flaw, researchers claim
**********
Researcher reveals Twitter 'follow' bug
Attackers can exploit a bug in Twitter to force victims to follow the hacker's account, a security researcher said Thursday.
According to Aviv Raff, the Twitter vulnerably could expose users to malware-hosting Web sites. Computerworld, 07/31/2008.
**********
Five new updates from Debian:
httrack (buffer overflow, code execution)
libxslt (buffer overflows, code execution)
newsx (buffer overflow, code execution)
**********
Four new patches from Gentoo:
Pan (buffer overflow, code execution)
Linux Audit (buffer overflow, code execution)
VLC (multiple flaws)
**********
Three new fixes from Ununtu:
libxslt (buffer overflows, code execution)
Python (multiple flaws)
**********
Two new patches from Mandriva:
libxslt (buffer overflows, code execution)
licq (denial of service)
**********
From the interesting reading department:
Safe Summer Travels on the Information Superhighway
With the Olympics right around the corner and being that we are in the heart of the summer, I'm sure many of you will find
yourselves travelling quite extensively. Nowadays, it's almost impossible to go cold turkey from the Internet. Symantec Security
Response, 08/01/2008.
Busch alerts N.H. residents: Stolen laptop had personal data
About 2,250 New Hampshire residents have been notified that their personal information was stored on a laptop computer taken
by thieves that burgled an Anheuser-Busch Co. office in Missouri in June. Computerworld, 08/02/2008.
Jason Meserve is multimedia editor at Network World.
| NetworkWorld, Inc. | About Network World, Inc. | Advertise | Careers | Contact us | Terms of Service/Privacy | Reprints and links | Partnerships | Press room | Subscribe to NW |
| IDG, Inc. | CIO | Computerworld | CSO | Demo | GamePro | Games.net | IDGconnect.com | IDG World Expo | Infoworld | JavaWorld.com | LinuxWorld.com | MacUser | Macworld | PC World | Playlistmag.com | The Industry Standard | IDG List Services | IDG TechNetwork |
 The Leader in Network Knowledge© 1994-2008 Network World, Inc. All rights reserved. |
Partner Content
Brilliantly simple security and control solutions for email, web and endpoint
www.sophos.com
Stopping data leakage
Learn how to exploit your current security investment to control the information that flows into, through and out of your network.
Download the white paper.
Why detection rates aren't enough
Evaluating endpoint security products is a time-consuming and daunting task. Learn the six critical questions you need to ask prospective vendors to get the right endpoint solution.
Download the white paper.
Applications: taking back control
Employees installing unauthorized applications is a growing threat to business security and productivity. Cost-effectively reduce this threat by integrating control into your malware protection.
Learn more today.
Comment