Aug2008 01

{mosimage}"Last night Apple released security update 2008-005 although even after the update it would seem that one of the most voiced issues still has not been addressed. This update was supposed to bring port randomization to make it more difficult to spoof the DNS response.

However, in nCircle's test it seems as though this is not the case. nCircle found that even after installing the patch the client libraries in an OS X 10.4.11 still do not randomize the source port."

Click here for the full story.

Not good Apple, especially when FreeBSD 6.3 has addressed this issue.

blog comments powered by Disqus