toggle

AAPL Stock: 562.29 ( -3.03 )

New Mac Defender variant already being blocked by Mac OS X

updated 12:30 pm EDT, Thu June 2, 2011

Definitions updating silently


A newer variant of Mac Defender which bypassed Security Update 2011-003 on Tuesday has in turn been defeated by a definition update, an Italian website notes. A check of Snow Leopard's XProtect.plist file should now show an entry for "OSX.MacDefender.C." Definitions for A and B variants of the malware were included with the Security Update.

The PLIST file reveals that Apple is indeed doing silent updates of Snow Leopard's antivirus protection, rather than notifying people of changes. The Security Update introduced automatic definition updates to the OS, similar to systems employed by third-party AV tools. By building definitions to update without formal patches, Apple should be able to more rapidly respond to the growing number of Mac security threats.


by MacNN Staff

print
email
(15)

TAGS :

 security, Mac OS X, Snow Leopard

Related Articles

Recent Articles

toggle

Comments

  1. jscotta

    Fresh-Faced Recruit

    Joined: Jun 2002

    +9
    06/02, 01:22pm | report spam | Reply |

    WTG APPLE

    No need for a press release and a lot of hype over how well OS X continues to work. As Nike says, "Just Do It".

  1. B9bot

    Fresh-Faced Recruit

    Joined: Dec 2008

    +3
    06/02, 01:32pm | report spam | Reply |

    Where is this plist file? I've searched for it fou

    I'm wondering where this plist file is, because I've searched for it and can't find it.

  1. B9bot

    Fresh-Faced Recruit

    Joined: Dec 2008

    +2
    06/02, 01:56pm | report spam | Reply |

    Mac Central explains where it is or how to find it

    In terminal you can copy and paste the following to find out if you are up to date.

    more /System/Library/CoreServices/CoreTypes.bundle/Contents/Resources/XProtect.meta.plist

    It should say

    LastModification
    Wed, 01 Jun 2011 21:19:15 GMT
    Version
    2

    If it does your security update is working and updating fine.

    Comment buried. Show
  1. Feathers

    Grizzled Veteran

    Joined: Oct 1999

    -11
    06/02, 02:34pm | report spam | (2 replies) Reply |

    Consolidation

    All this stupid trojan does is provide further support for the notion of the App Store becoming the sole method or vector through which anything can be installed onto a Mac. That would be a classic case of surrendering freedom for security and we know what Ben Franklin said about that!

  1. testudo

    Fresh-Faced Recruit

    Joined: Aug 2001

    -9
    06/02, 02:39pm | report spam | (1 reply) Reply |

    Re: Consolidation

    Since it would be in Apple's best interests financially to have such total control, then this would lead the conspiracy theorist to suggest that Apple is in some way behind these attacks in the first place.

  1. testudo

    Fresh-Faced Recruit

    Joined: Aug 2001

    -6
    06/02, 02:41pm | report spam | Reply |

    Re: WTG APPLE

    No need for a press release and a lot of hype over how well OS X continues to work. As Nike says, "Just Do It".


    Last I checked, the only companies sending out press releases about adding in support to fight some malware are the virus makers - er, I mean virus-scanner makers trying to sell products.

    Heck, don't even recall Apple sending out a PR about putting in the original block.

  1. tntracy

    Fresh-Faced Recruit

    Joined: Feb 2005

    +3
    06/02, 03:07pm | report spam | Reply |

    Here Is a Link To Macworld Article...

    ...that contains the terminal command posted above to check the malware definitions version, as well as how to "force" an update:

    http://www.macworld.com/article/160253/2011/06/force_mac_update_malware_definitions.html

  1. facebook_Clarence

    Via Facebook

    Joined: Jun 2011

    -4
    06/02, 04:44pm | report spam | (1 reply) Reply |

    Letters

    If this is already MacDefender.C, Apple is going to run out of letters fast!

  1. facebook_Boyd

    Via Facebook

    Joined: Jun 2011

    +2
    06/02, 08:39pm | report spam | Reply |

    Great job apple

    They were on this pretty fast. I for one love the silent updates. I don't have to worry about it. Great job Apple.

  1. donmontalvo

    Fresh-Faced Recruit

    Joined: Oct 2009

    +1
    06/02, 09:41pm | report spam | Reply |

    Famous quote...

    Alrightly then...this reminds me of an old movie quote...

    Will Hunting: "How do you like them Apples?"

    Apple raises the bar. Again. :)

    PS, I just hope hackers don't get to the definitions list...

    http://configuration.apple.com/configurations/macosx/xprotect/1/clientConfiguration.plist

    Don Montalvo, TX

Login Here

Not a member of the MacNN forums? Register now for free.

 
close
Photo
toggle

Network Headlines

toggle

Most Popular

MacNN Sponsor

Recent Reviews

iHome iW2 AirPlay speaker

iHome generally isn't known as a luxury brand when it comes to audio, but it is prolific -- the company's docks and speakers are every ...

Logitech Ultrathin Keyboard Cover

One of the iPad's main weaknesses has always been productivity. It's not a question of apps; while it has taken a little time for a na ...

Logitech UE Air Speaker

If maybe a little more slowly than Apple would like, AirPlay is becoming a staple of the wireless speaker market for iOS devices. The ...

toggle

Most Commented

 

Popular News