Most tech-savvy computer users have always been careful not to get their PCs infected by viruses, spyware, and most especially Trojan Horses. So imagine the uproar when the computing industry found out that Apple had made use of a Trojan Horse of sorts to offer Safari to Windows users. More in the full article.

One of the biggest rules about maintaining the security and integrity of your computer is not to access unfamiliar and questionable websites - yes, including those websites that a certain broadway production song proclaims that the Internet is for. While you may have the latest in computer security programs, malicious entities such as Trojan Horses can still slip past our defenses and wreak damage - and it only takes a case of mistaken identity, as the guys over at Intego have found out, having discovered a malicious piece of code that victimizes Mac OS X users.

So just what is this little bundle of bad news all about? A new Trojan Horse was found lurking in several naughty websites, one that tricks you into giving it full access to your Mac by pretending to be a video codec installer and asking for your unit's administrator password.

Should the user be tricked into doing so, the Trojan Horse will then successfully infiltrate the system and mess around with things inside quite a bit. Before we go too much into the technobabble, let's just say that this is a very bad thing, and would have you giving out your private details to people you would not even give your calling card to.

What's to be done, then? Well, to protect yourself from this potential threat, Intego suggests running Intego VirusBarrierX4 with its virus definitions kept up to date. Of course, there's also the deal about never clicking any website link that deems suspicious, even if you've got a hankering for the adult stuff.

Symantec the Virus Slayer reported sighting a Trojan horse that exploits the Apple Mac OS X LaunchD Local Format String Vulnerability. It provides root access on the Macintosh OSX version 10.4.6 or earlier.

When OSX.Exploit.Launchd is executed, the malicious bug performs the following actions:

1. Exploits the Apple Mac OS X LaunchD Local Format String Vulnerability which may elevate the privileges of a remote attacker's local account on an Apple Mac OS X computer.
2. Uses a crafted .plist configuration file for LaunchD service. In order to exploit LaunchD the attacker must execute the command: launchctl load [MALICIOUS FILE NAME]
3. Runs inside the process of LaunchD which runs with root privileges.
4. Opens a shell with full root privileges which is controllable by the attacker.

However the company also said the Apple Trojan as a minor threat as it has not spread widely and easily removed. To help minimize attacks Symantec gave the following recommendations:

• Always keep virus protection program up-to-date, especially on computers that host public services and are accessible through the firewall, such as HTTP, FTP, mail, and DNS services (for example, all Windows-based computers should have the current Service Pack installed.).
• Enforce password policy to prevent or limit damage when a computer is compromised.
• Configure email server to block or remove email that contains file attachments that are commonly used to spread viruses, such as .vbs, .bat, .exe, .pif and .scr files.
• Isolate infected computers quickly.
• Train employees not to open attachments unless they are expecting them.

If your Mac is already infected, you may download the removal tools from Symnatec.