May 2, IDG News Service (International) Microsoft detects new malware targeting Apple computers. Microsoft detected a new piece of malware targeting Apple OS X computers that exploits a vulnerability in the Office productivity suite patched nearly 3 years ago. The malware is not widespread, a researcher from Microsoft's Malware Protection Center said. However, the malware shows hackers pay attention to people not applying patches when fixes are released, which puts their computers at a higher risk of becoming infected. The security update Microsoft released in June 2009, MS09-027, addressed two vulnerabilities that could be used by an attacker to gain remote control over a machine and run other code. Both vulnerabilities could be exploited with a specially-crafted Word document. The exploit discovered by Microsoft does not work with OS X Lion, but does work with Snow Leopard and prior versions. The researcher said it is likely attackers have knowledge about the computers they are attacking, such as the victim's operating system version and patch levels. The malware delivered by the exploit is written specifically for OS X and is essentially a "backdoor," or a tool that allows for remote control of a computer. Microsoft advised those who use Microsoft Office 2004 or 2008 for Mac or the Open XML File Format Converter for Mac to ensure those products applied the patch.
