Mac OS X Security Risk Published

Proof of concept information about a potential security flaw in Mac OS X has been released, elevating the need for Tiger users to install the Mac OS X 10.4.7 update. According to ZDNet, the flaw, which takes advantage of a vulnerability in the launchd system component, was one of the fixes included with Appleis latest system update that was released earlier this week.

An Apple spokesperson commented "This proof of concept was fixed in Tuesdayis Mac OS X 10.4.7 update."

The launchd proof of concept was created by Kevin Finisterre, a security researcher at Digital Munition, and requires local access to a Mac instead of Internet access. The security flaw could allow someone to execute code on your Mac with higher privileges that the logged in account allows.

So far, there are no known reports of anyone using the launchd proof of concept information to develop an exploit for Mac OS X.