Apple leaves Mac users open to hackers

Automated update feature puts users at risk...

Apple has been warned that hackers can take advantage of a hole on the company's online software update service to piggyback malicious code on downloads. A hacker has posted details on the BugTraq mailing list on how to exploit the vulnerability on any Mac running the OS X operating system. SoftwareUpdate, Apple's software updating mechanism in OS X, checks for new updates from the company's website on a weekly basis. The report claims the feature downloads updates and installs them without asking for authentication. Apple has failed to provide a patch for the problem but said it is investigating the report.