When you purchase through links on our site, we may earn an affiliate commission. Here’s how it works.

Apple misses mark on DNS patch

Security researchers are claiming that Apple has failed to fully patch the high profile DNS cache poisoning error. The company issued the patch last week as part of a larger security update. The so-called Kaminsky flaw (named for its discoverer, Dan Kaminsky,) has sent vendors scrambling to patch what is said to be a fundamental vulnerability in the DNS system.

According to Andrew Storms, director of security operations for network security firm nCircle, Apple's patch doesn't quite do the job. Storms found that the update doesn't force source port randomization for client libraries, an essential fix for preventing the spooking attack. Storms said that while the server component of the error is fixed, client machines remain vulnerable

View: The full story @ vnunet

Report a problem with article
Next Article

Microsoft Unveils New Tools to Fight Security Threats

Previous Article

Live Mesh may emerge as Microsoft 'cloud' platform

Join the conversation!

Login or Sign Up to read and post a comment.

19 Comments - Add comment