The Microsoft Malware Protection Center blogged a couple of days ago on An interesting case of Mac OSX malware, which turned out to be exploiting MS09-027, a remote code execution vulnerability in the Mac version of Microsoft Office for which a patch has been available since the Jurassic (well, about three years ago). There’s a message there about how careful Mac users are about patching.
Especially when they don’t get a nag message from Apple itself, as is likely to be the case when the patch is for a third party application. If you’re using Microsoft Office 2004 for Mac, Microsoft Office 2008 for Mac or Open XML File Format Converter for Mac, now might be a good time to check that you have the updates. However, the malware isn’t widespread, and it doesn’t affect Lion users. Furthermore, the sample MMPC used for its interesting analysis is one that’s already detected by a high proportion of antivirus companies.
David Harley CITP FBCS CISSP