
Apple released a patch to fix the flaw just a few days ago, however, exploit code for the vulnerability has been posted on security websites, prompting the actual creation of the malware.
Antivirus firm Symantec said that the exploit, OSX.Exploit.Launchd, is a trojan horse that exploits the Apple Mac OS X LaunchD local format string vulnerability. It can provide root access on the Macintosh OSX version 10.4.6 or earlier.
The virus does nothing other than open a shell with full root privileges which is controllable by the attacker. Alternatively, a successful attack may crash the application.
Symantec said that the actual threat level, damage potential and distribution rate are low all round.