informa
/
News

Brief: New Trojan Takes On Mac OS X

A security firm said it found an exploit against one of the five Mac OS X flaws just patched by Apple Computer.
Just days after Apple Computer patched its Mac OS X for five vulnerabilities, a security firm Friday warned that an exploit against one of the fixed flaws has appeared.

Symantec posted a notice of a Trojan horse it called "OSX.Exploit.Launchd" on its security site, but had few details other than a successful installation would give an attacker root, or complete, access to Mac OS X 10.4.6 and earlier systems.

Tuesday, Apple updated Mac OS X to 10.4.7 to, among other things, plug five security holes. One of the five flaws was in "launchd," the operating system's program launch mechanism; launchd was prone to a local format-string vulnerability, Apple said in its 10.4.7 security advisory.

The Tuesday update protects vulnerable Mac OS X users against the Trojan.

Although exploits against Apple's operating system are rare, it's common in the Windows world for attack code to pop up within days of Microsoft releasing security fixes; hackers often reverse engineer a patch to figure out the exact vulnerability so that they can crank out a working exploit.