A Mail bug patched in Mac OS X 10.4 (Tiger) has been rediscovered in Leopard’s Mail program. The bug allows malicious code to be executed when opening certain types of email attachments, and was thought to be fixed until now.
The problem arises from improper handling of additional file-handling instructions included with file types such as JPEG. Malicious code can be inserted into the information slot, and will be executed when the file is opened. Fortunately, not all file types are affected, and the researchers at Heise Security had difficulties consistently reproducing the problem.
Does this mean the end of Macs-are-better-because-they-can’t-be-attacked fights?