Secure Computing article on the virus which was spread on myspace through a hole in the program upgrade for Quicktime video players. Though a patch was created and passed out at Myspace unless the fix to the upgrade is distributed by quicktime other users and sites can be at the same type of risk. As Apple is aware of the issue, and worked on fixing the patch it is likely that they may have already made it available at their site. However, if people don't know they need a patch, they could be equally vulnerable to phishing attacks using "fake browser windows using the quicktime player to collect passwords.
I recieved my copy of the patch through Myspace. The link to a decmber 5th article on the nature of the attack at my space is http://news.com.com/MySpace+to+Apple+Fix+that+worm/2100-7349_3-6141031.html A site that describes the Quickapace virus is http://www.f-secure.com/v-descs/js_quickspace_a.shtml

For more information visit the article