Another day, another security update from Apple

by Graham Cluley on August 13, 2009 | Comments Off

Filed Under: Apple, Vulnerability

Bruised apple
It seems like only yesterday that I was blogging about an important security update from Apple. And wasn't it just last week when we were discussing how boobytrapped images could infect your Mac, and how GarageBand could change your Safari browser's cookie settings without asking permission?

Well, hot on the heels of these alerts Apple has issued another security update - Security Update 2009-04 - which is designed to stop hackers exploiting a flaw which could allow them to interrupt the BIND DNS server by sending a malicious update message.

Apple is recommending the security update for all users as it improves the security of Mac OS X. As they describe in the advisory which was published alongside the fix, if the vulnerability is not patched a "remote attacker may be able to cause the DNS server to unexpectedly terminate."

My advice is that if Apple believes that this is serious enough to warn you about, it's serious enough for you to take action and roll out the patch.

You can retrieve the update via Apple's standard Software Update feature.

Tags:

About the author

Graham Cluley is senior technology consultant at Sophos. The readers of Computer Weekly voted him security blogger of the year in 2009 and 2010, and he pipped Stephen Fry to the title of "Twitter user of the year" too. Which was nice. He was also named "Best Security Blogger" by the readers of SC Magazine in 2011. You can subscribe to Graham's updates on Facebook, follow him on Twitter and circle him on Google Plus for regular updates.