toggle

AAPL Stock: 112.01 ( -0.53 )

Printed from http://www.macnn.com

New Mac Defender variant already being blocked by Mac OS X

updated 12:30 pm EDT, Thu June 2, 2011

Definitions updating silently

A newer variant of Mac Defender which bypassed Security Update 2011-003 on Tuesday has in turn been defeated by a definition update, an Italian website notes. A check of Snow Leopard's XProtect.plist file should now show an entry for "OSX.MacDefender.C." Definitions for A and B variants of the malware were included with the Security Update.

The PLIST file reveals that Apple is indeed doing silent updates of Snow Leopard's antivirus protection, rather than notifying people of changes. The Security Update introduced automatic definition updates to the OS, similar to systems employed by third-party AV tools. By building definitions to update without formal patches, Apple should be able to more rapidly respond to the growing number of Mac security threats.




by MacNN Staff

POST TOOLS:

TAGS :

toggle

Comments

  1. jscotta

    Joined: Dec 1969

    +9

    WTG APPLE

    No need for a press release and a lot of hype over how well OS X continues to work. As Nike says, "Just Do It".

  1. B9bot

    Joined: Dec 1969

    +3

    Where is this plist file? I've searched for it fou

    I'm wondering where this plist file is, because I've searched for it and can't find it.

  1. B9bot

    Joined: Dec 1969

    +2

    Mac Central explains where it is or how to find it

    In terminal you can copy and paste the following to find out if you are up to date.

    more /System/Library/CoreServices/CoreTypes.bundle/Contents/Resources/XProtect.meta.plist

    It should say

    LastModification
    Wed, 01 Jun 2011 21:19:15 GMT
    Version
    2

    If it does your security update is working and updating fine.

    Comment buried. Show
  1. Feathers

    Joined: Dec 1969

    -11

    Consolidation

    All this stupid trojan does is provide further support for the notion of the App Store becoming the sole method or vector through which anything can be installed onto a Mac. That would be a classic case of surrendering freedom for security and we know what Ben Franklin said about that!

  1. testudo

    Joined: Dec 1969

    -9

    Re: Consolidation

    Since it would be in Apple's best interests financially to have such total control, then this would lead the conspiracy theorist to suggest that Apple is in some way behind these attacks in the first place.

  1. testudo

    Joined: Dec 1969

    -6

    Re: WTG APPLE

    No need for a press release and a lot of hype over how well OS X continues to work. As Nike says, "Just Do It".


    Last I checked, the only companies sending out press releases about adding in support to fight some malware are the virus makers - er, I mean virus-scanner makers trying to sell products.

    Heck, don't even recall Apple sending out a PR about putting in the original block.

  1. tntracy

    Joined: Dec 1969

    +3

    Here Is a Link To Macworld Article...

    ...that contains the terminal command posted above to check the malware definitions version, as well as how to "force" an update:

    http://www.macworld.com/article/160253/2011/06/force_mac_update_malware_definitions.html

  1. facebook_Clarence

    Via Facebook

    Joined: Jun 2011

    -4

    Letters

    If this is already MacDefender.C, Apple is going to run out of letters fast!

  1. facebook_Boyd

    Via Facebook

    Joined: Jun 2011

    +2

    Great job apple

    They were on this pretty fast. I for one love the silent updates. I don't have to worry about it. Great job Apple.

  1. donmontalvo

    Joined: Dec 1969

    +1

    Famous quote...

    Alrightly then...this reminds me of an old movie quote...

    Will Hunting: "How do you like them Apples?"

    Apple raises the bar. Again. :)

    PS, I just hope hackers don't get to the definitions list...

    http://configuration.apple.com/configurations/macosx/xprotect/1/clientConfiguration.plist

    Don Montalvo, TX

Login Here

Not a member of the MacNN forums? Register now for free.

toggle

Network Headlines

toggle

Most Popular

MacNN Sponsor

Recent Reviews

Dell AD211 Bluetooth speaker

For all of the high-priced, over-engineered Bluetooth speakers in the electronics market, there is still room for mass-market solution ...

VisionTek 128GB USB Pocket SSD

USB flash drives dealt the death blow to both the floppy and Zip drives. While still faster than either of the old removable media, sp ...

Kodak PixPro SL10 Smart Lens Camera

Smartphone imagery still widely varies. Large Megapixel counts don't make for a good image, and the optics in some devices are lackin ...

toggle

Most Commented