Mac Malware Door Creaks Open

KingFish

Dashboard, one of the much-publicized features of Apple Computer's latest OS, Tiger, could be ripe for exploitation by porn scammers.

Apple has been encouraging developers to create new widgets for Tiger's Dashboard-—a semi-transparent layer of everyday, often-used applications such as a calculator or currency converter that appears over the user's desktop—-but within days of its public release, one developer claims to have already found a way to turn widgets into potential malware.

Developer Stephan, who has posted the widgets to his blog, has created two mini-apps which he describes as "slightly evil." One widget, he says, will automatically install itself on users' desktops when his "Zaptastic" Web site is visited using Apple's Safari browser.

This, according to Stephan, is a golden opportunity for porn scammers, enabling them to auto-install widgets that can hijack browsers.

Source: c|net

Kwitko

Vulnerabilities on a Mac? Never!

gibbonsl

it was just a matter of time

Nosferatu

disabling auto-running of "safe" apps fixes this. it's pretty dumb to enable that option anyway.

Private_Snoball

it was just a matter of time

I've been saying it since day one. When the Mac gets popular, the flaws will multiply. When you look at Nosferatu's response, one could argue that most MS systems are only infected if people don't patch, which is also very dumb to do. Virus/Malware writers are just waiting for those dumb people to go buy a computer .

primesuspect

Doesn't work in firefox, though.

D00D

2 stories about mac security flaws in the same week? Even Windows XP hasn't seen that as far as I know.