Malwarebytes reports (archived) that a vulnerability in Apple's latest version of OS X which was reported to exist last month on Stefan Esser's blog (archived) is now appearing on malware in the wild. The flaw came into being through a new feature introduced into the OS X dynamic linker dyld. The new feature allows the linker to log error output to any file on the system without the safety or sanity checks implemented in even "hobbyist" developed Unix systems. Malwarebytes only noticed the flaw being actively exploited because a particular piece of adware had edited the sudoers file on a testing environment while examining the malware. The severity of the flaw though is such that when triggered it can edit any file on the affected machine including executable system files. Esser originally reported this flaw on July 7th, 2015 and Apple has yet to release a patch. On the other hand Esser has published a source code patch on his own which lessens this flaw though it is hard to determine how this patch will interact with possible future updates from Apple.

Josh Wieder wrote in to Cryptome describing that while examining documents contain in WikiLeaks full Stratfor email dump he has so far identified 18 pieces of malware embedded in documents and WikiLeaks has taken no actions to warn potential views of the hazards these documents might present. Weider notes particularly that Adobe PDF, Microsoft Word, and Microsoft Excel documents have been found with embedded malware in the dump. These of course are all file formats which should be quarantined any time the are encountered in the wild and not opened in their intended runtimes without thorough examination. One particularly interesting tidbit is that according to Weider's initial analysis, it appears that the first infected files were introduced to Stratfor's email system through their Chief executive's wife as early as 2003.