New Mac vulnerability – delivered through Microsoft Word documents

Costin Raiu, a lab expert at security firm Kapersky, reports that a new malware affecting Mac OS X is active and in the wild. The malware infects computers through Microsoft Word documents exploiting a known vulnerability.

  • At least two variants of the SabPub bot exist today.
  • The earliest version of the bot appears to have been created and used in February 2012.
  • The malware is being spread through Word documents that exploit the CVE-2009-0563 vulnerability.
  • SabPub is different from MaControl, another bot used in APT attacks in February 2012; SabPub was more effective because it stayed undetected for more than 1.5 months.
  • the APT behind SabPub is active at the time of writing.

Via SecureList