Apple releases Mac OS X update to catch MAC Defender malware

Apple has released Security Update 2011-003, which adds malware detection and removal for the "MAC Defender" scam and delivers a daily update mechanism for updating subsequent malware definitions.

The security update for Mac OS X 10.6.7 is available from Software Update or the company's Downloads page. Installing the update does not require a system reboot.

The update adds malware discovery and removal for MAC Defender and all of its known variants, using the simple malware file quarantine feature that was first added to Mac OS X 10.6 Snow Leopard.

The Mac OS X file quarantine feature examines external files downloaded within Mail, iChat, Safari or other file quarantine-aware applications, warning users of downloads that match the definition of malware.

In addition to adding a definition for the latest "MAC Defender" trojan horse to warn users that the download should be deleted, the new security update adds a daily malware definitions check to make subsequent malware attempts even easier for Apple to protect it users from.

Users can opt out of the daily malware definitions update check by unchecking the new "Automatically update safe downloads list" checkbox in Security Preferences.

76 Comments

bsginc

said about 12 years ago

Just like Windows.... Oh, wait, I mean, just like Windows could have done and should have done years ago.

FTR, why don't Google, Bing and other search sites quarantine sites which enable malware like this. Particularly when the sites allow themselves to be a regular transport mechanism for malware. As long as search sites like Google, Bing and others don't help to stop it, more people will continue to visit these same sites over and over and over again. By helping to stop it, instead of making it easier, search sites can make distribution of malware more difficult.

It won't solve the problem, but anything that makes it more difficult for malware or educates users to be more careful makes it better for the rest of us.

suddenly newton

said about 12 years ago

Hooray! Although I've already turned off the "automatically open safe file types" option in Safari. Google should be ashamed of itself for allowing SEO poisoning, BTW. As far as I'm concerned, Google Image Search is more or less overrun by content farms and phishing servers.