Boobytrapped images pose threat to Mac users, warns Apple

Users of Mac computers are being advised to install an important security patch, after Apple acknowledged that a serious flaw existed in its Mac OS X operating system that could be exploited by hackers.

In a security advisory posted on its website, the Cupertino-based vendor of iMac and MacBook computers warned that it had discovered that hackers could create specially crafted image files capable of running malicious code without the user’s authorisation, such as a worm or Trojan horse.

The affected image file formats include PNG, Canon RAW and OpenEXR.

To circumvent this and other security issues, Apple is recommend that users install Security Update 2009-003 – updating themselves to Mac OS X v10.5.8:

Apple Mac security update

Owners of Mac computers would be wise to follow Apple’s advice, else put their systems at risk of infection via rigged image files created by hackers.

As described in Sophos’s recently published Security Threat Report, 2009 has seen a number of attacks against users of Apple Mac OS X. Many of these have relied upon social engineering to fool Mac owners into installing Trojan horses on their computers. There is no doubt, however, that cybercriminals would love to be able to exploit software vulnerabilities instead to make infection even easier.