According to IT security and data protection firm Sophos, Apple updated its malware protection system when it released Mac OS X 10.6.4 a few days back, but made no mention of it in the accompanying release notes or security bulletin. The threat in question has been distributed by hackers since April disguised as iPhoto and can be used to send spam, access your files, take screenshots of what you are doing and copy your clipboard.
As a firm that writes and sells antivirus software, it's easy to see why Sophos took a negative response to Apple's secrecy, suggesting they are simply trying to downplay security threats for marketing purposes. Furthermore, the company noted that while it's a positive thing that Apple had updated Mac OS X security, the solution is lacking as will only intercept malware if a user has downloaded it to their computer and then tried to run the file from their desktop. If the malware comes via a USB stick, for example, Apple's anti-malware tool reportedly misses the threat.