Updated: 03-01-06
Sophos in Mac OS X worm false alarm
Cure worse than disease
By John Leyden
Published Thursday 23rd February 2006
Sophos has apologised after releasing a faulty signature update that flagged up legitimate Mac OS X system files as infected with a new low-risk worm, Inqtana-B.
The faulty signature file, issued on Tuesday, February 21, falsely identified a number of component files of Microsoft Office applications as infectious.
The UK-based anti-virus firm issued a new update in short time, two hours after the dodgy signature files went out.®
Third worm hits Mac OS
TechWorld
By Matthew Broersma
22 February 2006
Security researchers have confirmed what may be the worst-yet security flaw for Apple’s Mac OS X, following the appearance of two Mac worms in a single week.
The newly disclosed bug allows attackers to disguise malicious shell scripts as harmless files stored in ZIP archives. The bug is considered particularly dangerous because it can be used to execute malicious code on a system automatically via the Safari web browser, which is set by default to open ZIP archives.
Like Inqtana.A the .B and .C are locked to certain bluetooth addresses and are time limited to 24. February 2006, so they will not be able to replicate on any real environment and will work only in specially crafted lab. However it is possible that some virus author will create similar worms that are not intentionally limited, so please make sure that your OS X is up to date.
Security researchers said Friday they have found a second virus that affects Apple computers running the Mac OS X operating system, further eroding the long-held belief that Mac machines are more impervious to attacks than Microsoft’s Windows-based personal computers.
