A number of vulnerabilities have recently been identified in the Mac OS X operating system, including a buffer overflow in the file-sharing system that could allow a remote attacker to take control of the system. This has prompted the media to question whether Macs are open to virus attacks.

According to eWeek, these vulnerabilities could expose Macs to virus attacks. "Based on this vulnerability, you really could build a Sasser-type worm, one that travels from computer to computer without the user having to do anything stupid such as launch an attachment," says the report.

It continues: "The overflow is in the Apple Filing Protocol (AFP), which provides file-sharing services for both clients and servers similar to SMB/CIFS on Windows and Samba. It's true that AFP is not enabled by default, but it's enabled on anything sharing files.

"Certain requests to authenticate with the target system can overflow it simply by specifying a pathname longer than the specified length. This one, again, shouldn't have made it past any serious scrutiny. It works on multiple OS X versions, and it can give the attacker root privileges."
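The class of bug the report describes, a pathname longer than the length the receiver expects, is prevented by checking the sender's length field against both the bytes actually received and the destination buffer before copying. The following is an added example, not code from Apple, eWeek or this article; the two-byte length prefix, the 8-byte buffer and all names are assumptions and do not reflect AFP's real wire format.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

enum parse_result { PARSE_OK, PARSE_TRUNCATED, PARSE_LEN_MISMATCH, PARSE_TOO_LONG };

/* Assumed layout (not AFP's real format): 2-byte big-endian length, then path bytes. */
enum parse_result parse_path_field(const uint8_t *msg, size_t msg_len,
                                   char *dst, size_t dst_cap)
{
    if (msg_len < 2)
        return PARSE_TRUNCATED;
    size_t declared = ((size_t)msg[0] << 8) | msg[1];
    size_t present = msg_len - 2;
    /* The length the sender declared must match the bytes actually received. */
    if (declared != present)
        return PARSE_LEN_MISMATCH;
    /* Bound the copy by the destination buffer, leaving room for the NUL. */
    if (dst_cap == 0 || declared > dst_cap - 1)
        return PARSE_TOO_LONG;
    memcpy(dst, msg + 2, declared);
    dst[declared] = '\0';
    return PARSE_OK;
}

/* Constructed sample messages. */
static const uint8_t SAMPLE_OK[] = {0x00, 0x05, 'D', 'o', 'c', 's', '/'};
static const uint8_t SAMPLE_MISMATCH[] = {0x00, 0x02, 'A', 'A', 'A', 'A', 'A', 'A'};
static const uint8_t SAMPLE_TOO_LONG[] = {0x00, 0x0A, '/', 'V', 'o', 'l', 'u', 'm', 'e', 's', '/', 'x'};

/* Parse one message into a fixed 8-byte buffer, standing in for a small server-side path buffer. */
enum parse_result run_sample(const uint8_t *msg, size_t len)
{
    char path[8];
    return parse_path_field(msg, len, path, sizeof path);
}

int main(void)
{
    printf("ok=%d mismatch=%d too_long=%d\n",
           run_sample(SAMPLE_OK, sizeof SAMPLE_OK),
           run_sample(SAMPLE_MISMATCH, sizeof SAMPLE_MISMATCH),
           run_sample(SAMPLE_TOO_LONG, sizeof SAMPLE_TOO_LONG));
    return 0;
}
```

A parser that copied the path using only the sender's length, or only the bytes present, would write past the 8-byte buffer on the third sample; here both oversized and inconsistent requests are rejected before any copy happens.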

Slow spreading
The eWeek report suggests that a worm based on the AFP overflow could be successful, because such an attack wouldn't be as noticeable as a mail-based attack.

The report explains: "Let's assume that 5 per cent of systems out there are Macintoshes. That means that, scanning randomly, only one in 20 systems attacked could be susceptible. And some percentage of those will either be OS 9 or a patched OS X.

"But it could still spread, just not as quickly as a Windows worm because there are so many fewer targets to hit. And of course, a properly configured firewall also could block the AFP attack."

Apple has patched the vulnerabilities and recommends that Mac users download the recent Security Updates.