'Extremely Critical' Security Hole Found In Mac OS X

Security research group Secunia is warning all Mac OS X users about what it calls a "highly critical" vulnerability. The vulnerability, Secunia says, affects all Mac OS X users who surf the Web using either Apple Computer's Safari Web browsers or Microsoft's Internet Explorer.

Secunia originally published its advisory Monday, but upgraded it because of new exploits--small applications used to attack software flaws--that the firm became aware of Tuesday.

According to Secunia's advisory, two security flaws can be used by malicious Web sites to remotely access at-risk systems. The security holes have been confirmed on systems running Mac OS X with either Safari 1.2.1 or Internet Explorer 5.2, Secunia says.

Secunia says there's no easy way to fix the flaw but advises users not to visit "untrusted" Web sites and to not surf the Internet as a privileged user. More information is available here.

InformationWeek could not locate a patch, or any information relating to the flaw, on Apple's Web site. An Apple spokesman would only say that the company has "no official comment at this time."

This is yet another security flaw discovered recently in Apple's Mac OS X. Earlier this month. Apple released a security update to plug several flaws in its OS X desktop and server software. That patch fixed several flaws that were discovered by the security firm @stake and made it possible for attackers to hijack systems and launch denial-of-service attacks.