With a slight delay, Apple has finally put online Thursday patches for its operating system Mac OS X, intended to correct the flaw affecting the DNS protocol made public in early July. These updates, known as "Security update 2008-005" are readily available via the device to update Mac OS operating system Mac OS X 10.4.11, Mac OS X 10.5.4 and Mac OS X Server 10.5.4, and the Apple website.
This loophole, described as critical, affects the protocol DNS (Domain Name System), which holds the correspondence between a domain name and IP address of the server hosting a website. Indeed, it affects all operating systems, but also the software used by Internet service providers and network equipment.
It confers a theory an attacker can redirect users to the server of his choice when they enter a Web address (URL) into their browser. The terms of exploiting this loophole should remain confidential until it is no longer any danger. They have however been made public inadvertently July 23.
At this updating of importance, Apple also fixes a bug affecting the implementation QuickLook, which could allow the execution of arbitrary code on the host machine from a Microsoft Office file infected.
Bookmarks