Ok, so either the attacker needs control over one of the DNS servers you're using, or you have to download and execute the attack software yourself.

Is that really what they call a "simple attack"?

Not to say that additional sanity checks aren't mandated when automatically downloading and installing system updates, but this isn't something that every other script kiddie can exploit without thinking.

There are way better ways to attack a machine that are more risky than someone having access to the machine to even gain correct access to pois. it. Thing about Mac OS X is many of the programs are .App, which are bundles you can right click these to browse the folder and find the resources within, this is equivelent to using resedit in mac os x being able to view, change or delete resources so many programs can be fixed in ways to offer sorts of backdoors.

In Mac OS 9 you can create a hostfile for the TCP stack to follow, updating from there would follow under the same privledges - again you fall back on a lot of physical security.

With Mac OS X doing a lot of UNIX there are a million and two ways to modify the files just as if you were on a actual pure Unix machine. Be careful who has access - be more worried about security updates provided by apple, follow those and update whenever available.

This 'issue' has been known about for over a year, i got peoples e-mails to me about it. Apple should be using md5 checksum crap for updates to ensure the purity of the files being installed. hopefully this security notice pushes them to setup some sort of secure method of installation.

Apple has posted a fix.