DESCRIPTION: Michael Lehn has discovered a vulnerability in Mac OS X, which can be exploited by malicious people to compromise a user's system.
The vulnerability is caused due to an error in the processing of file association meta data (stored in the "__MACOSX" folder) in ZIP archives. This can be exploited to trick users into executing a malicious shell script renamed to a safe file extension stored in a ZIP archive.
This can also be exploited automatically via the Safari browser when visiting a malicious web site.
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
I was at my dads last night, and he mentioned that his computer has been acting differently the last couple of days, getting a lot of pop ups when running IE. So i took a look at it, and on the desktop there is a icon for SysProtectScannerInstall.exe .......