Apple has come under fire for failing to patch the critical Domain Name System (DNS) flaw which prompted a (rest of) industry wide response earlier this month.
For anyone just back from a trip up the Amazon, the discovery of a domain spoofing vulnerability by security researcher Dan Kaminsky sparked a massive patching effort that began on 8 July. Dozens of vendors - including Microsoft, Cisco, Ubuntu and the Internet Systems Consortium, which maintains BIND - released updates that mitigated against the risk of cache poisoning attacks, which stem from security shortcomings in the protocol itself rather than coding errors.
View: The full story @ The Reg
15 Comments - Add comment