Mac file structure provides OSX.Macarena virus defence
9:32AM, Tuesday 7th November 2006

Mac OS X's method for storing files provides fundamental security against infection by viruses such as the 'proof of concept' OSX.Macarena reported yesterday.

Security firm Symantec has explained that while the virus is capable of replicating itself, it cannot replicate outside the current directory in the same way that a Windows infection can spread across a system.

'On Windows systems it is common to have directories like "Windows" and "Windows\system32" full of executable files; but, files aren't stored like that on OSX systems,' wrote Peter Ferrie on Symantec's blog.

However the virus author has exposed a genuine vulnerability, finding what Ferrie describes as a 'rather unexpected' region of memory in which to place the code, along with a way to gain immediate control when an infected file is executed. He has also posted the source code on the Internet, raising the possibility that other hackers may develop more effective viruses, although he notes in the source that writing the virus did not prove easy: 'so many problems for so little code'.

Incidentally, Symantec failed to point out in its description of OSX.Macarena that the virus only affects Intel Macs, a point clarified by rival security firm Sophos.

Like Symantec, Sophos says the risk of infection is very low.

'This is a proof-of-concept virus with very limited spreading ability,' said Graham Cluley, senior technology consultant. 'Frankly you're more likely to be struck by lightning than troubled by Macarena. No-one should panic, and while this is an indication that hackers are showing an increased interest in targeting the Mac OS X platform it is still a lot safer place to be than Windows.'

Good practice remains a solid defence against infection on a Mac; that includes not opening email attachments from unknown sources and not visiting spurious websites, particularly sites linked in spam emails. Apple provides an option in Safari's preferences to turn off the automatic opening of downloaded files; this is disabled by default in other browsers including Camino and Firefox.
