Apple Finally Patches OS X
After weeks of mixed signals, Apple issues an update for Mac Defender malware.
Apple first publicly admitted last week that Mac Defender could be a security with an advisory release on how to avoid MacDefender.
The ironically named MacDefender is a piece of fake anti-virus software. Unsuspecting Mac users are tricked into believing their systems are infecting by malware and then are offered the opportunity to download and install MacDefender. According to Apple, the ultimate goal of Mac Defender is to get the user's credit card information which may be used for fraudulent purposes.
As part of the 2011-003 patch update, Apple is adding in three separate items in a bid to help mitigate the risk of MacDefender.
First off, Apple has added a definition to its File Quarantine technology to identify the MacDefender malware.
Second, Apple is now also improving File Quarantine with automatic updates for malware definitions. "The system will check daily for updates to the File Quarantine malware definition list," Apple stated in its advisory.
Finally, Apple's File Quarantine will not only detect MacDefender, it will now also remove it as well.
"The installation process for this update will search for and remove known variants of the MacDefender malware," Apple stated in its advisory. "If a known variant was detected and removed, the user will be notified via an alert after the update is installed."
The whole MacDefender experience is one that has served as a proof point in the security community that Apple is not immune from malware attacks.
"In the past Ive read comments from Apple users claiming that the XYZ threat for Mac isn't a 'real virus' because the victim has to manually install the threat," McAfee Labs Security Researcher, Criag Schmugar wrote in a blog post. "Mac users should understand that millions of Windows threats exploit the user, rather than the operating system."
Security researchers have been warning about increasing levels of Mac malware since at least 2008. Though the volume of Mac malware is not as high as it is for Windows malware, it is still a threat.
"Mac users are facing the same two factors that affects Windows users," Rodrigo Branco, director of Vulnerability and Malware research at Qualys wrote in an email sent to InternetNews.com. "The main difference is the initial security design, which is way better than the Windows one (in the security point of view at least) - but this alone does not guarantee security, even more because there are many different software running with enough privileges to damage the system. "Basically malware is a threat to any operating system, it doesn't matter if it is unix-based or not."