Apple Addresses 'Mac Defender' Threat With Security Update 2011-003 for Snow Leopard

[MacRumors]

Apple today released Security Update 2011-003 (Snow Leopard), a new software update that addresses the "Mac Defender" malware that has been afflicting Mac users over the past month.

- Malware removal

Available for: Mac OS X v10.6.7, Mac OS X Server v10.6.7

Impact: Remove the MacDefender malware if detected

Description: The installation process for this update will search for and remove known variants of the MacDefender malware. If a known variant was detected and removed, the user will be notified via an alert after the update is installed.

The update weighs in at 2.36 MB and requires Mac OS X 10.6.7.

Article Link: Apple Addresses 'Mac Defender' Threat With Security Update 2011-003 for Snow Leopard

 

[ImNoSuperMan]

While i dont know the actual threat of his particular 'malware', I think apple needs to do a lot better than this in future. Such hot fixes need to be available within a couple of days max. If i wanted to use a virus/malware prone PC for weeks, i'd have simply opted for a windows machine instead of the mac!

 

[Cougarcat]

While i dont know the actual threat of his particular 'malware', I think apple needs to do a lot better than this in future. Such hot fixes need to be available within a couple of days max. If i wanted to use a virus/malware prone PC for weeks, i'd have simply opted for a windows machine instead of the mac!

And it should be available for 10.5 as well.

 

[Slix]

That's good that Apple addressed the issue, Windows updates for this type of thing seem to never happen.

 

[Surely]

No alert after I installed it, so I guess no malware on my Mac.........

 

[Chris Grande]

This security update also makes the system automatically and in the background update the File Quarantine definitions daily.

 

[Madonepro]

While i dont know the actual threat of his particular 'malware', I think apple needs to do a lot better than this in future. Such hot fixes need to be available within a couple of days max. If i wanted to use a virus/malware prone PC for weeks, i'd have simply opted for a windows machine instead of the mac!

Maybe then learn what the actual threat is, and then you might realise why Apple didn't respond with the level of urgency you suggest.

But if you feel that a PC is more appropiate, seeya...

 

[MacMan86]

While i dont know the actual threat of his particular 'malware', I think apple needs to do a lot better than this in future. Such hot fixes need to be available within a couple of days max. If i wanted to use a virus/malware prone PC for weeks, i'd have simply opted for a windows machine instead of the mac!

Apple have just made the very sensible step of allowing auto-updating of their malware definitions list. Future malware shouldn't require a formal Software Update:

"File Quarantine

Available for: Mac OS X v10.6.7, Mac OS X Server v10.6.7

Impact: Automatically update the known malware definitions

Description: The system will check daily for updates to the File Quarantine malware definition list. An opt-out capability is provided via the "Automatically update safe downloads list" checkbox in Security Preferences. Additional information is available in this Knowledge Base article: http://support.apple.com/kb/HT4651"
From http://support.apple.com/kb/HT4657

 

[Michaelgtrusa]

Good news.

 

[BLACKFRIDAY]

This security update also makes the system automatically and in the background update the File Quarantine definitions daily.

Can you please elaborate?

 

[ten-oak-druid]

Can you imagine having to deal with this malware stuff constantly?

I'm glad I use OS X.

 

[crazzyeddie]

Only for 10.6.7? What about 10.5.x or those on lower versions of 10.6? I almost understand 10.5.x... but this list exists in all versions of 10.6.x IIRC...

 

[Chris Grande]

Can you please elaborate?

As posted above the 2011-003 updated also includes this change:

File Quarantine

Available for: Mac OS X v10.6.7, Mac OS X Server v10.6.7

Impact: Automatically update the known malware definitions

Description: The system will check daily for updates to the File Quarantine malware definition list. An opt-out capability is provided via the "Automatically update safe downloads list" checkbox in Security Preferences. Additional information is available in this Knowledge Base article: http://support.apple.com/kb/HT4651

 

[mysticalos]

People complaining apple should have done an update withing 1-2 days. really? this is still blown out of proprotion, it's not a virus that installs itself automatically, it's something the user has to install themselves and actually run, removal is as easy as draging it to trash. i'm actually disapointed apple is catoring to this with a new daemon that's now running in background on OS that's scanning downloads for known threats. all because users don't think before they install crap.

and

"Only for 10.6.7? What about 10.5.x or those on lower versions of 10.6? I almost understand 10.5.x... but this list exists in all versions of 10.6.x IIRC..."

really? why should apple provide updates for obsolete OS versions that have FREE updates available?

 

[stuffradio]

Can you imagine having to deal with this malware stuff constantly?

I'm glad I use OS X.

No, I can't imagine it. I'm running Windows 7 on my PC. I also have a Mac Mini, but I don't use it nearly as much.

I don't get viruses on Windows. It's a myth spread by the elitist Apple fanboys. Although, I guess I can be a bit elitist in a way in the Apply fanboy world for loving my iPhone 4, but wishing Apple would let us sideload Cydia or something.

 

[elppa]

While i dont know the actual threat of his particular 'malware', I think apple needs to do a lot better than this in future. Such hot fixes need to be available within a couple of days max. If i wanted to use a virus/malware prone PC for weeks, i'd have simply opted for a windows machine instead of the mac!

This is so typical of the worst posts on here.

Blah, blah, blah… I'm going to have my moan and winge before reading the release note.

You'll be getting daily updates from now on.

Go to security preferences and note the “Automatically update safe downlaods list” checkbox which wasn't there before.

It's like Apple can't do anything right sometimes. And a lot of the response to Mac Defender is just building on top of what was already in place - Apple has slowly beefed up security since Leopard, with File Quarantine, ASLR (albeit rudimentary), Malware checking etc.

Can you please elaborate?

Macs will phone home to Cupertino every day to ask for a new list.

I don't think there is anything wrong, controversial or not sensible about this action. What surprises me is they have pulled it off so quickly.

 

[stuffradio]

People complaining apple should have done an update withing 1-2 days. really? this is still blown out of proprotion, it's not a virus that installs itself automatically, it's something the user has to install themselves and actually run, removal is as easy as draging it to trash. i'm actually disapointed apple is catoring to this with a new daemon that's now running in background on OS that's scanning downloads for known threats. all because users don't think before they install crap.

and

"Only for 10.6.7? What about 10.5.x or those on lower versions of 10.6? I almost understand 10.5.x... but this list exists in all versions of 10.6.x IIRC..."

really? why should apple provide updates for obsolete OS versions that have FREE updates available?

Except it does install automatically... https://www.macrumors.com/2011/05/2...-installs-without-admin-password-requirement/

 

[MacMan86]

Macs will phone home to Cupertino every day to ask for a new list.

I don't think there is anything wrong, controversial or not sensible about this action. What surprises me is they have pulled it off so quickly.

You may have already known but the malware definitions file and detection has been there since 10.6. It's just the daily updating that's new.

 

[elppa]

I don't get viruses on Windows. It's a myth spread by the elitist Apple fanboys.

Thats utter rubbish. With due respect the problem of malware, spyware, viruses, trojan horses, botnets and other malicious software became a real headache for Microsoft during the Windows XP era.

That's why SP2 was such a big deal and one (not the only) reason Vista was delayed.

You may have already known but the malware definitions file and detection has been there since 10.6. It's just the daily updating that's new.

Yes, read my post before the one you quoted.

 

[MacMan86]

Except it does install automatically... https://www.macrumors.com/2011/05/2...-installs-without-admin-password-requirement/

Lets please not go back to all this mis-information again.

It does not install automatically. Requiring the admin password or not, it still requires considerable user interaction to install the malware. You have to click through several steps of Installer or nothing will happen.

 

[Small White Car]

I don't get viruses on Windows. It's a myth spread by the elitist Apple fanboys.

LOL

We're "fanboys" and yet you don't think Windows has viruses?

I love Apple and probably am a fanboy and yet even I have never told such an unbelievable whopping lie about Apple.

 

[ten-oak-druid]

Is this related to the "troubles solver" or the "recovery" viruses on windows?

Anyway I'm glad I use OS X and I only have to deal with this once in a while.

 

[chrono1081]

While i dont know the actual threat of his particular 'malware', I think apple needs to do a lot better than this in future. Such hot fixes need to be available within a couple of days max. If i wanted to use a virus/malware prone PC for weeks, i'd have simply opted for a windows machine instead of the mac!

You do realize these things take time to find, analyze, and fix right? Apple is a company not some super entity capable of the impossible.

 

[MacMan86]

Yes, read my post before the one you quoted.

Fair enough, hadn't seen it . Although you just edited it, so I don't even know what it said before

 

[tkermit]

Nice!