Register FAQ / Rules Forum Spy Search Today's Posts Mark Forums Read
Go Back   MacRumors Forums > News and Article Discussion > Mac Blog Discussion

Reply
 
Thread Tools Search this Thread Display Modes
Old May 31, 2011, 05:43 PM   #1
MacRumors
macrumors bot
 
Join Date: Apr 2001
Mac OS X Now Updates Malware Definitions Daily






Apple has detailed what changes have been made in the latest Mac OS X Snow Leopard Security update that was released earlier today. Besides adding specific detection for the "Mac Defender" malware, Apple has added a daily update to this database.
Quote:
Apple maintains a list of known malicious software that is used during the safe download check to determine if a file contains malicious software. The list is stored locally, and with Security Update 2011-003 is updated daily by a background process.
This means that Apple will be able to push out profiles for newly found malware without requiring a new software update.

Users can opt-out of this daily download if they choose.

Article Link: Mac OS X Now Updates Malware Definitions Daily
MacRumors is offline   4 Reply With Quote
Old May 31, 2011, 05:46 PM   #2
flopticalcube
macrumors G4
 
flopticalcube's Avatar
 
Join Date: Sep 2006
Location: In the velcro closure of America's Hat
Hello Microsoft Security Essentials ala Apple.
__________________
Read the Rules / Search the Forums / Use a Descriptive Title
Mac Won't Boot?
flopticalcube is offline   -2 Reply With Quote
Old May 31, 2011, 05:48 PM   #3
firestarter
macrumors Demi-God
 
firestarter's Avatar
 
Join Date: Dec 2002
Location: Green and pleasant land
They clearly had this waiting in the wings. Good move, Apple.
firestarter is offline   11 Reply With Quote
Old May 31, 2011, 05:52 PM   #4
Spanky Deluxe
macrumors 601
 
Spanky Deluxe's Avatar
 
Join Date: Mar 2005
Location: London, UK
Ah so that's what the new request was that Little Snitch picked up on post updating. Great to know that Apple is staying on top of things.
__________________
"No, I'm from Iowa, I only work in outer space."
Spanky Deluxe is offline   7 Reply With Quote
Old May 31, 2011, 05:57 PM   #5
whustedt
macrumors newbie
 
Join Date: May 2011
Location: Northern Germany
does it work with non-admin accounts?

do you think this will be failsafe when you're using a standard-account?
normal system-updates do not work when you're no admin.
(even though you can activate it in system prefs)
whustedt is offline   0 Reply With Quote
Old May 31, 2011, 06:02 PM   #6
NAG
macrumors 68030
 
NAG's Avatar
 
Join Date: Aug 2003
Location: /usr/local/apps/nag
About time. Any computer that isn't locked down like iOS needs to have something like this no matter how unlikely it is your computer will get the malware.
NAG is offline   3 Reply With Quote
Old May 31, 2011, 06:06 PM   #7
roadbloc
macrumors 604
 
roadbloc's Avatar
 
Join Date: Aug 2009
Location: UK
Send a message via Skype™ to roadbloc
OS X now has an inbuilt antivirus. The day has come.
__________________
roadbloc is online now   -8 Reply With Quote
Old May 31, 2011, 06:07 PM   #8
Northgrove
macrumors 6502a
 
Join Date: Aug 2010
I never expected this from Apple.

I completely expected a "OK, we'll take this one but this is really rare and Macs don't really catch much malware".

That Apple is here to help with malware from the first known wide-spread case is pretty much unprecedented in the industry as far as I know. I mean as an OS vendor, and as for protecting their own OS. Good job! And thanks for not being ignorant about it.
__________________
iPhone 5 rMBP 15" (2012)
Northgrove is offline   3 Reply With Quote
Old May 31, 2011, 06:09 PM   #9
Cougarcat
macrumors 603
 
Join Date: Sep 2003
Quote:
Originally Posted by roadbloc View Post
OS X now has an inbuilt antivirus. The day has come.
It's had anti-malware support since 10.6.0 This just makes updating it automatic.
Cougarcat is offline   8 Reply With Quote
Old May 31, 2011, 06:23 PM   #10
NAG
macrumors 68030
 
NAG's Avatar
 
Join Date: Aug 2003
Location: /usr/local/apps/nag
Quote:
Originally Posted by Cougarcat View Post
It's had anti-malware support since 10.6.0 This just makes updating it automatic.
The auto updating kind of makes the feature though since it allows Apple to decouple immediate security threats from their normal update cycle.
NAG is offline   3 Reply With Quote
Old May 31, 2011, 06:30 PM   #11
frankieboy
macrumors regular
 
Join Date: Jun 2009
I don't think the Safe Downloads List feature works with Google Chrome, because I don't think Google Chrome implements the file quarantine metadata attribute.

I just downloaded sArchiver with Chrome 12.0.742.68 beta. I got no quarantine dialog when I unzipped it or when I launched it.

I refer to the feature than can be toggled on/off in System Preferences > Security > General tab after installing Security Update 2011-003.

I hope I am wrong.

Last edited by frankieboy; May 31, 2011 at 07:10 PM.
frankieboy is offline   0 Reply With Quote
Old May 31, 2011, 06:30 PM   #12
Dammit Cubs
macrumors 65816
 
Dammit Cubs's Avatar
 
Join Date: Jul 2007
And so it begins .......
__________________
32GB Galaxy Nexus LTE Version
32GB wifi NEW iPad with Retina!!
2.4GHz 2010 Mac Mini
2012 15'' Macbook Pro 2.3/8/256 SSD with Retina
Dammit Cubs is offline   -7 Reply With Quote
Old May 31, 2011, 06:33 PM   #13
z3r0
macrumors member
 
Join Date: Jan 2011
A Jail/Sandbox would make Trojans a none issue. Along with an out going firewall to stop phoning home. Finally only allowing applications to be executable/ran from specific directories. Now reason I should be able to run an app that's installed in another location besides the Applications folder. Unix apps that are installed in bin etc... Would need admin rights/sudo to be installed in the first place.
z3r0 is offline   0 Reply With Quote
Old May 31, 2011, 06:36 PM   #14
MacMan86
macrumors 6502
 
Join Date: Jul 2008
Location: UK
Quote:
Originally Posted by Northgrove View Post
I never expected this from Apple.

I completely expected a "OK, we'll take this one but this is really rare and Macs don't really catch much malware".

That Apple is here to help with malware from the first known wide-spread case is pretty much unprecedented in the industry as far as I know. I mean as an OS vendor, and as for protecting their own OS. Good job! And thanks for not being ignorant about it.
The basis for malware detection and removal has been there since the release of Snow Leopard, following some moderately wide-spread malware (this is not the first case by any means). It's not unprecedented, Windows has a 'Malicious Software Removal Tool' which receives regular updates along with Windows Defender. Nevertheless, still a good move from Apple
MacMan86 is offline   0 Reply With Quote
Old May 31, 2011, 06:43 PM   #15
mcdermd
macrumors regular
 
Join Date: Mar 2004
And yet they keep "Open 'safe' files" around in Safari. Get rid of that already.
__________________
Vintage http://www.applefool.com
mcdermd is offline   1 Reply With Quote
Old May 31, 2011, 06:51 PM   #16
NAG
macrumors 68030
 
NAG's Avatar
 
Join Date: Aug 2003
Location: /usr/local/apps/nag
Quote:
Originally Posted by z3r0 View Post
A Jail/Sandbox would make Trojans a none issue. Along with an out going firewall to stop phoning home. Finally only allowing applications to be executable/ran from specific directories. Now reason I should be able to run an app that's installed in another location besides the Applications folder. Unix apps that are installed in bin etc... Would need admin rights/sudo to be installed in the first place.
This would require Apple to implement a better installer than double click a DMG file and drag the app out of it. I have seen so many people never do that last step. It really is a failing of OS X to rely on DMGs like that (the good apps have a first run check to make sure you actually installed it in the Applications folder, which should be a default feature of the OS).
NAG is offline   1 Reply With Quote
Old May 31, 2011, 07:08 PM   #17
irishgrizzly
macrumors 65816
 
irishgrizzly's Avatar
 
Join Date: May 2006
Quote:
Originally Posted by MacRumors View Post
Users can opt-out of this daily download if they choose.
Where is this option?
irishgrizzly is offline   0 Reply With Quote
Old May 31, 2011, 07:10 PM   #18
asdf542
macrumors 6502
 
Join Date: Oct 2010
Quote:
Originally Posted by irishgrizzly View Post
Where is this option?
asdf542 is offline   2 Reply With Quote
Old May 31, 2011, 07:10 PM   #19
frankieboy
macrumors regular
 
Join Date: Jun 2009
Quote:
Originally Posted by irishgrizzly View Post
Where is this option?
See System Preferences > security > General tab.
frankieboy is offline   0 Reply With Quote
Old May 31, 2011, 07:11 PM   #20
MacMan86
macrumors 6502
 
Join Date: Jul 2008
Location: UK
Quote:
Originally Posted by irishgrizzly View Post
Where is this option?
It's shown in the linked article http://support.apple.com/kb/HT4651

It's in the Security Preferences Pane - although I can't think of a single good reason to change it from the default setting.
MacMan86 is offline   0 Reply With Quote
Old May 31, 2011, 07:13 PM   #21
rorschach
macrumors 68000
 
Join Date: Jul 2003
Quote:
Originally Posted by NAG View Post
This would require Apple to implement a better installer than double click a DMG file and drag the app out of it. I have seen so many people never do that last step. It really is a failing of OS X to rely on DMGs like that (the good apps have a first run check to make sure you actually installed it in the Applications folder, which should be a default feature of the OS).
Yeah, just have a dialog when the user tries to run an app from a DMG that asks if they want to copy it to the Applications folder.
__________________
MacBook Air 13-inch (Mid 2012), iPhone 5
rorschach is offline   0 Reply With Quote
Old May 31, 2011, 07:16 PM   #22
lewis82
macrumors 68000
 
lewis82's Avatar
 
Join Date: Aug 2009
Location: Totalitarian Republic of Northlandia
Does this only work while using Safari (the main threat in the whole affair)? If I use Firefox, not only because it's better but also safer, I'm not protected? Or does it scan all .dmg/.mpkg files on opening?
__________________
Master Procrastinator. If you see me posting, I should be doing homework.
Downvoting is for sissies.
lewis82 is offline   -2 Reply With Quote
Old May 31, 2011, 07:21 PM   #23
NAG
macrumors 68030
 
NAG's Avatar
 
Join Date: Aug 2003
Location: /usr/local/apps/nag
Quote:
Originally Posted by lewis82 View Post
Does this only work while using Safari (the main threat in the whole affair)? If I use Firefox, not only because it's better but also safer, I'm not protected? Or does it scan all .dmg/.mpkg files on opening?
This is at a system level. The only thing you have to worry about as far as browsers is that you turn off opening "safe" downloads automatically because there is no such thing as a safe download as far as the internet is concerned.
NAG is offline   0 Reply With Quote
Old May 31, 2011, 07:21 PM   #24
MacMan86
macrumors 6502
 
Join Date: Jul 2008
Location: UK
Quote:
Originally Posted by lewis82 View Post
Does this only work while using Safari (the main threat in the whole affair)? If I use Firefox, not only because it's better but also safer, I'm not protected? Or does it scan all .dmg/.mpkg files on opening?
Yes, of the browsers, it's only Safari:

Quote:
Files downloaded via applications such as Safari, iChat, and Mail are checked for safety at the time that they are opened
http://support.apple.com/kb/HT4651

EDIT: Looking back at some of the original info on this (http://www.theregister.co.uk/2009/08...re_protection/) it looks like Firefox is included in the select number of applications

Last edited by MacMan86; May 31, 2011 at 07:27 PM.
MacMan86 is offline   1 Reply With Quote
Old May 31, 2011, 07:56 PM   #25
caspersoong
macrumors 6502a
 
Join Date: Feb 2011
Awesome! Now I can let my father buy a Mac in peace.
__________________
New iPad (White), 32GB ; 13" MacBook Pro (Late 2011), 2.4 GHz i5 with 256 GB Crucial M4 SSD; iPhone 4S (Black), 16 GB.
caspersoong is offline   0 Reply With Quote

Reply
MacRumors Forums > News and Article Discussion > Mac Blog Discussion

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Similar Threads
thread Thread Starter Forum Replies Last Post
Apple Enforces Adobe Flash Player Security Upgrade with Updated Malware Definitions MacRumors Mac Blog Discussion 51 Feb 15, 2014 11:04 AM
No daily email updates for subscribed forums steve-w55 Site and Forum Feedback 2 Nov 16, 2013 10:02 AM
Apple Updates OS X Anti-Malware Definitions to Block 'Yontoo' Adware MacRumors MacRumors.com News Discussion 66 Mar 26, 2013 08:22 AM
Apple Releases Java Updates for OS X, Including Malware Removal Tool MacRumors MacRumors.com News Discussion 59 Feb 21, 2013 01:34 PM
Apple Quickly Updates Malware Definitions to Detect New SMS Scam Trojan MacRumors MacRumors.com News Discussion 94 Dec 26, 2012 02:39 PM

Forum Jump

All times are GMT -5. The time now is 07:28 AM.

Mac Rumors | Mac | iPhone | iPhone Game Reviews | iPhone Apps

Mobile Version | Fixed | Fluid | Fluid HD
Copyright 2002-2013, MacRumors.com, LLC