Mac OS X Security flaw round-up

"Zero-day exploit" ("Safari Automatically Executes Shell Scripts") a.k.a the resource fork hole

• "Safari Automatically Executes Shell Scripts" vulnerability (zero-day exploit) [#3]: Protective methods, more
• Explanation, fixes for "Safari Automatically Executes Shell Scripts" vulnerability; similar to Widget vulnerability

OSX/Inqtana.A, OSX/Inqtana.B, OSX/Inqtana.C

• OSX/Inqtana.A, OSX/Inqtana.B worm (#3): Sophos fixes false positive flaw
• OSX/Inqtana.A, OSX/Inqtana.B worm (#2): Sophos AntiVirus software generating false positives, wreaking system havoc
• OSX/Inqtana.A worm affects older versions of Mac OS X 10.4.x (Tiger) -- not found in wild

Oompa-Loompa Trojan (OSX/Oomp-A or Leap-A)

• Oompa-Loompa Trojan (OSX/Oomp-A) [#3]: ClamXav virus definitions updated; When the trojan will ask for an administrator password
• Virus protection software makers respond to Oompa-Loompa trojan (OSX/Oomp-A); protective methods
• Mac OS X malware "OSX/Oomp-A" discovered -- effects seem innocuous

Resources