iGawyn writes "As reported in this BugTraq post, Mac OS and Mac OS X (via Classic) are both subject to an auto-execution vulnerability. In short, the poster says that various web browsers can automatically download a disk image containing malicious code and run it without ever telling the user. vm_converter made a test page to demonstrate the vulnerability." Yes, this is a nice variation on a theme. The lesson is: don't ever have "CD-ROM AutoPlay" turned on in your QuickTime preferences.