Apple has played down the security risk of a security hole in its Mac OS X operating system that is exploited by the Trojan Horse already posted on the Net.
The company said it was "aware of the issue", raised by security software maker Intego in which applications can be made to appear as other types of files, raising the possibilities that people can be fooled into opening malicious files. It added that it was investigating the problem.
"We are aware of the potential issue identified by Intego and are working proactively to investigate it," Apple said in a statement. "While no operating system can be completely secure from all threats, Apple has an excellent track record of identifying and rapidly correcting potential vulnerabilities."
However, Intego has already released a Trojan horse called MP3Concept that exploits the weakness. It remains officially a proof-of-concept rather than a real Trojan Horse, and anti-virus company Symantec said that it has yet to find any versions of it "in the wild", so the problem is not major - yet.
Ironically, one analyst put the hole exploitation down to Apple's success in marketing its operating system. "This is something you have to expect as an operating system gets a higher profile," said Ray Wagner, research director at Gartner. "I don't think virus writers were ever thinking they could not write a virus for Mac OS X, I just don't think they were interested in the lower profile systems."
In a note posted to their website on Friday, Intego defended releasing the Trojan Horse information. "The exploit that it uses is both insidious and dangerous and it is our duty as a vendor of Macintosh security solutions to protect our users. We don't believe in waiting until the damage occurs, unlike some of our competitors."
While the Trojan Horse itself may be benign, exposing the vulnerability is significant. "This certainly gives absolute proof that there are vulnerabilities in Mac OS X," said Wagner. "In this case it's relatively high-profile because of the use of MP3, but this does not appear to be a terribly big deal."