A security flaw has been discovered in Mac OS X that can result in a system being compromised, even if updated with the latest available patches. Secunia has posted a security advisory
detailing the nature of the exploit, which stems from incorrect handling of meta data in various file types:
The vulnerability is caused due to an error in the processing of file association meta data in ZIP archives (stored in the "__MACOSX" folder) and mail messages (defined via the AppleDouble MIME format). This can be exploited to trick users into executing a malicious shell script renamed to a safe file extension stored in a ZIP archive or in a mail attachment.
It's also possible to become compromised just by visiting a particularly crafted site with false files, making this type of exploit rival similar ones found in IE and Windows. Hopefully a patch will be made available soon, and make sure to keep your OS updated.