A researcher published details and proof-of-concept code on Tuesday for a critical security flaw in Mac OS X that could allow a malicious Web site to automatically install code on Apple's flagship computers running in their default configuration.
The flaw, found by German researcher Michael Lehn, occurs in how the Mac OS X processes file-association meta data for ZIP files. A malicious Web site could use the flaw to run a program automatically on a visitor's Mac with the context of the user.
Apple's Mac OS X has become the focus of flaw finders and worm writers over the past month. In the last week, virus writers cobbled together two worms that attack Mac OS X and attempt to spread, one through the iChat instant messaging application and the other through Bluetooth connections. Both worms had programming issues and did not spread very successfully.
The latest exploit has not yet been confirmed in the wild, but it is trivial to reproduce, according to several analyses. An attack could be stopped by disabling the "Open safe files after downloading" option in Safari, according to the analyses.
Posted by: Robert Lemos