Am I missing something, or does the article never say what you'd need to be doing for your Mac to catch a bug like this?

The actual blog entry from F-Secure about this adware makes me a little skeptical of the degree of this problem. Here's the bit the "technology journalists" quote:

In theory, this program could be silently installed to your User account and hooked to each application you use… and it doesn't require Administrator rights to do so.

But the "technology journalists" don't include what F-Secure seems to mean by "silently installed to your User account:"

Especially as it only requires Copy permissions. An Admin could install this globally to all users.

An Admin can install *anything* globally for all users, that's the point of admin accounts. Am I just reading this wrong?

Link to the entry: [f-secure.com...]

It sounds like you're reading it correctly, but it's hard to say, because the entry is quite cryptic, and raises more questions than it answers.

It sounds like the "silent install" referred to only applies to a user account -- so far as I know, for an admin to install anything globally does require entering the admin password, so that would not be "silently installing."

Also, note the wording: "In theory, this program could be silently installed..." It sounds as if the proof-of-concept sample they received does not, in fact, silently install itself, but that F-Secure is speculating that it could, in theory.

I don't claim that Macs are immune to such malware, but I have to be skeptical about claims such as this one, which is long on FUD but short on facts.

"In theory" Windows is just as secure as OS X.

Back in the real world, however.....