I had a conversation on a private security mailing list yesterday about Apple not shipping the update to the DNS flaw yet. So I got a hold of Apple, and they told me it would be coming out very soon.
Well, I guess late last night they posted the update. Which, among other things, fixes a bunch of security flaws, including the DNS flaw.
Open Scripting Architecture
Data Detectors Engine
Remember that ARDagent vulnerability? Well it wasn't really a bug in how ARD works, it's a bug in how ARD calls the scripting agent. It's fixed in the above "Open Scripting Architecture" bug.
Subscribe in a reader