Though the new protection wasn't specifically listed in any of Apple's documentation accompanying Mac OS X 10.6.4, security firm Sophos discovered the update in the XProtect.plist file, which contains signatures of potential Mac threats. The new threat, dubbed HellRTS by Apple, has been distributed by hackers since April in the form of iPhoto.
Referred to as OSX/Pinhead-B by Sophos, the Trojan monitors browser activity unbeknownst to Mac users. It also makes a machine remotely accessible to the attacker, who can take complete control of the computer.
"If you did get infected by this malware then hackers would be able to send spam email from your Mac, take screenshots of what you are doing, access your files and clipboard and much more," said Graham Cluley, senior technology consultant with Sophos.
Cluley criticized Apple's secrecy, suggesting that the Cupertino, Calif., company should instead note that the latest update to Snow Leopard helps to thwart a potentially dangerous Trojan.
"You have to wonder whether their keeping quiet about an anti-malware security update like this was for marketing reasons," he wrote on the company's blog.
Last September, Cluley also noted that users upgrading to Snow Leopard would see their version of Flash for Mac downgraded to an older, less secure version. Apple addressed the issue with an update a week later.
Released last August, Snow Leopard came with a built-in antimalware feature. While the previous version of Mac OS X, Leopard, flagged Internet downloads with metadata that alerted users when downloading files from the Web, Snow Leopard added a further warning when disk images containing known malware installers are opened.
Apple released its latest update for Snow Leopard, Mac OS X 10.6.4, on Tuesday. The security and maintenance update fixed issues that could cause a Mac keyboard or trackpad to become unresponsive, and also resolved a problem that could prevent some Adobe Creative Suite 3 applications from opening.
58 Comments
AppleInsider continues to use the word "quietly". It doesn't fit.
They can't do anything quietly with you guys reporting everything they do. Here, I'll rewrite the title for you:
So was this patched into a torrent version of iPhoto?
I don't get it..
AppleInsider continues to use the word "quietly". It doesn't fit.
They can't do anything quietly with you guys reporting everything they do. Here, I'll rewrite the title for you:
They try to give off this idea that Apple just does all their stuff silently like a cool person would do. Like "hey, no biggie, I only prevented malware. Here you go. That's how I do"
I have been using virus/malware protection for about a year now on my Apple computers for that very reason; nothing will stay immune from this junk for long.
I am running a version from ESET NOD32. It's amazingly easy on system resources. We have also been testing it on two segregated OS X servers and it's been bulletproof for 6 months now. There is also a remote manager that can manage installations across your complete network of PCs & Macs.
It's worth checking it out just the same; there is a free public beta open right now.
They try to give off this idea that Apple just does all their stuff silently like a cool person would do. Like "hey, no biggie, I only prevented malware. Here you go. That's how I do"
Call a press conference at Moscone Center and announce "thank-you all for coming! First some updates - in spite of our continued growth in the marketplace the incidence of virus infection and general malware incursions has stayed relatively flat. We are justly proud of that fact. However, we have patched a potential malware threat in our OS, and to satisfy our friends at Sophos we are giving you this opportunity to be among the first to enjoy the fruits of our labor and openness. By the way, in related news, one of the Apple Campus security guards picked up a drunk who was taking a piss on one of our shrubs, and we remanded him to the proper authorities. We have also developed a program for our roving engineers to have their prototype devices hermetically tethered to their bodies when out drinking. We feel this is the only responsible way to help our journalist friends avoid the obvious temptation to obtain and abuse our devices. Thanks for coming!"