Microsoft researchers have discovered new malware targeting Mac OS, but unlike Flashback, this one is targeting a flaw in Office for Mac that was patched years ago.
In 2009, Microsoft patched a flaw in Office for Mac that would have allowed an attacker the ability to execute code remotely. Yet, three years later, the flaw itself remains unpatched on several systems. With that said, the bad news is that attackers have created malware to target the vulnerability in the Mac OS X version of Office. The good news is that the malware itself isn’t widespread.
The flaw is present in Office 2004 and Office 2008 for Mac. However, after examining the malware further, it appears that the attack fails in Lion. Thus, Microsoft concluded, the attack is targeting users on Snow Leopard or earlier versions of OS X, and the code’s developer was familiar target environment beforehand.
The malware itself is rather generic, but once it is installed, the attacker’s command and control server will gain complete control over the system.
“We can see that Mac OSX is not safe from malware,” Microsoft wrote.
“Statistically speaking, as this operating system gains in consumer usage, attacks on the platform will increase. Exploiting Mac OSX is not much different from other operating systems. Even though Mac OSX has introduced many mitigation technologies to reduce risk, your protection against security vulnerabilities has a direct correllation with updating installed applications.”
More information is on the MMPC Blog.