Apple warned of update exploit
Apple is under the gun to address a reported security gap that could allow attackers to attach malicious code to automatic updates for Mac OS X.
According to experts, the value of Mac's SoftwareUpdate program -- which automatically checks each week for system updates from Apple -- outweighs the risk of the security hole. However, exploiting Apple's currently unverified updates would be "trivial," according to Russell Harding, who posted the exploit to security mailing list BugTraq.
[ Read more ]