Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
Security Update 2008-005 Released
- Thread starter MacRumors
- Start date
- Sort by reaction score
IMHO the other fixes in this security update are of more importance then the BIND update given the limited number of folks running a DNS server.
The big one in... Open Scripting Architecture (CVE-2008-2830)
Maybe Arn can pitch in here, but I am sure that the NYTimes article on him probably had at least a little to do with this.
This showed up at a very strange time in the evening. Also, I dig the Home Depot ads. It is nice to see this site getting more recognition and support to ensure its growth and prosperous function. I have relied heavily on the news, rumors, user comments, and buyer guides featured, for years before I became a member. And not that other advertisers featured on Macrumor are insignificant, but the Home Depot is a quality pick up. Nice work Arn!
Are you actually using BIND, your ISPs DNS server, or something else like OpenDNS?
Sebastian
I thought Seinfeld did their last show? Too much drama for my taste. My Cache is safe in da' Bank...
I think this is not quite true.
The vulnerability also targets DNS resolvers (clients), just at the moment the attacks are rather on the server because it is far more convenient to poison a DNS server to deliver the wrong IP addresses to a large crowd of client computers than to target every individual client.
Another thing you should watch is your Firewall/NAT-Box, because this might be the vulnerable too...
ya im retarded, I have my logitech mouse set up to take screen shots and that makes it say region,lol
when I do command shift 4 it still says picture 1
carry on everyone
Excuse me if I sound ignorant, but I am!
For some time I have been having issues with my MAC whilst on-line - mouse problems, slow typing and back spacing, slow page loading, jerky Utube, etc. Have been blaming my IP, but after downloading that Security Update, all the problems vanished. Reading through the posts on this thread, I cannot see anyone else making the same observations - so am I unique?
For some time I have been having issues with my MAC whilst on-line - mouse problems, slow typing and back spacing, slow page loading, jerky Utube, etc. Have been blaming my IP, but after downloading that Security Update, all the problems vanished. Reading through the posts on this thread, I cannot see anyone else making the same observations - so am I unique?
Is there a way you can get it to automatically call it Picture 1.png or whatever it is? Without the extension its not recognised in all apps and it feels stupid adding the .png to so many pictures...
Downloaded it and installed.
Don't know what it should have done, but my iCal icon is now no longer transparant (it turned like that after the iLife update).
Happy now
Don't know what it should have done, but my iCal icon is now no longer transparant (it turned like that after the iLife update).
Happy now
Glad to see Apple is fixing things..... Will install on my 2 machines tonight.
on a bit of a sad note - with Apple gaining on populary, i have a feeling we may end up like MS with security updates and patches once or multiple times a week. It's only a matter of time before Apple starts becoming popular enough to be targeted by viruses, spyware, malware, trojans, phishing, and the new whaling.
Off subject; but a warning to all. I just heard this on a talk radio show last night......
Whaling - a rather new phishing technique that targets someone who a hacker thinks has a lot of money (like a CEO of a corporation or charity). What this version does is:
1. Sends you an email that makes it look like you or someone high up at your work has been supenoed by a high court. When you open the email, it has the attached document that even the experts say looks very real - right down to a faked goverment website.
2. the email and its attachment installs a trojan on your computer that tracks what you do.
3. it is so advanced that as soon as you log onto your bank or financial website via any mean (online website - through quicken, MSMONEY or others). It sends an alert to the crook and captures even encrypted passwords and can even snoop a VPN and HTTPS://
4. As soon as you sign off another alert goes out. the crook then signs in with your password, changes the password and then starts to withdraw all your money.
So far they estimated that 100,000 CEOs have been target and some have lost $100,000's. that's why it is called whaling - they go after the big guys. they also estimate that a few non-rich people got the email and were swindled also.
If you seen this come your way, you are vulnerable and directed to clean your computer before signing on to a financial institution. This thing has the potential of wiping out entire corporations of their funds, because everyone knows that top management will check corporation accounts from their computer's as well.
Another off topic
I had a friend who owns a small marina, somehow his corporate account number got out. A local crook started printing off payroll checks from "real" area companies using his account number. Luckily one local bank caught first check that was tried to be cashed and froze the account. Caused my friend a big hassle, but atleast his money was safe. the bank told him, that had he not been a small company and was a larger company that owned others (or was owned by a larger company) - it would have been harder to track, because most companies print checks under the larger company name and distribute to those working at the smaller companies.
The people cashing the checks even had fake employment badges that were made up from taking an image of a real employee badge from the company.
Another bank caught it by knowing the company name printed on the check did not usually issue its payroll with a date on the check that corresponded to a non-pay date.
on a bit of a sad note - with Apple gaining on populary, i have a feeling we may end up like MS with security updates and patches once or multiple times a week. It's only a matter of time before Apple starts becoming popular enough to be targeted by viruses, spyware, malware, trojans, phishing, and the new whaling.
Off subject; but a warning to all. I just heard this on a talk radio show last night......
Whaling - a rather new phishing technique that targets someone who a hacker thinks has a lot of money (like a CEO of a corporation or charity). What this version does is:
1. Sends you an email that makes it look like you or someone high up at your work has been supenoed by a high court. When you open the email, it has the attached document that even the experts say looks very real - right down to a faked goverment website.
2. the email and its attachment installs a trojan on your computer that tracks what you do.
3. it is so advanced that as soon as you log onto your bank or financial website via any mean (online website - through quicken, MSMONEY or others). It sends an alert to the crook and captures even encrypted passwords and can even snoop a VPN and HTTPS://
4. As soon as you sign off another alert goes out. the crook then signs in with your password, changes the password and then starts to withdraw all your money.
So far they estimated that 100,000 CEOs have been target and some have lost $100,000's. that's why it is called whaling - they go after the big guys. they also estimate that a few non-rich people got the email and were swindled also.
If you seen this come your way, you are vulnerable and directed to clean your computer before signing on to a financial institution. This thing has the potential of wiping out entire corporations of their funds, because everyone knows that top management will check corporation accounts from their computer's as well.
Another off topic
I had a friend who owns a small marina, somehow his corporate account number got out. A local crook started printing off payroll checks from "real" area companies using his account number. Luckily one local bank caught first check that was tried to be cashed and froze the account. Caused my friend a big hassle, but atleast his money was safe. the bank told him, that had he not been a small company and was a larger company that owned others (or was owned by a larger company) - it would have been harder to track, because most companies print checks under the larger company name and distribute to those working at the smaller companies.
The people cashing the checks even had fake employment badges that were made up from taking an image of a real employee badge from the company.
Another bank caught it by knowing the company name printed on the check did not usually issue its payroll with a date on the check that corresponded to a non-pay date.
ads shown depend on where yr IP is allocated
it says region 1 or some other number because the ads are region specific.
i am in shanghai china right now and i dont see office depot ads, i see a very bizare ad for a dentist place that caters to european expats living in shanghai.
it says region 1 or some other number because the ads are region specific.
i am in shanghai china right now and i dont see office depot ads, i see a very bizare ad for a dentist place that caters to european expats living in shanghai.