Apple quietly adds anti-malware in Snow Leopard update

Apple quietly adds anti-malware in Snow Leopard update

Summary: In the latest update to Snow Leopard, Apple included software to protect Mac computers from a Trojan horse.

SHARE:
25

In the latest update to Snow Leopard, Apple included software to protect Mac computers from a Trojan horse that has been distributed by attackers disguised as iPhoto, but which opens a back door on the machine, security firm Sophos said on Friday.

When Apple released OS X 10.6.4 on Tuesday, the company said it addressed certain compatibility issues with VPN connections and other things, but failed to mention anything about adding an anti-malware update.

But buried in the code is an update to the XProtect.plist file, which contains signatures of malware written to target the Mac. The signatures now detect malware dubbed "HellRTS," Graham Clulely of Sophos wrote in a blog post.

For more on this story, read Apple quietly adds anti-malware in Snow Leopard update on CNET News.

Topics: Apple, Hardware, Malware, Security

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

25 comments
Log in or register to join the discussion
  • IT'A A LIE!!!!

    Everyone knows iAnything is immune to all attacks. Saint Steve promised us this and he would NEVER lead us astray.

    Dyslexics of the world untie!!
    Scubajrr
    • well, no

      @Scubajrr
      everyone knows that macs are immune to viruses and worms and that you should not install PROGRAMS from sources you cannot trust. common sense.
      banned from zdnet
      • RE: Apple quietly adds anti-malware in Snow Leopard update

        @banned from zdnet
        Oh my you are an ID 10 T. However i do find it interesting that quote " Apple quietly add anti-malware" yet know one really says to much about it. Yet if Microsoft did this there would an outrage. Seems to me that the apple fanboys and everyone else has Saint Stevey ^ick stuck in their mouth.
        MLHACK
      • RE: Apple quietly adds anti-malware in Snow Leopard update

        @banned from zdnet
        Do you mean like the trusted update that Apple provided, the Flash Player 10.0.45.2 software update containing multiple vulnerabilities that expose users to malicious hacker attacks? Of course, that would never happen to you because of your common sense.
        hansa@...
      • RE: Apple quietly adds anti-malware in Snow Leopard update

        @banned from zdnet
        I keep hearing from MacHeads that Macs are immune to viruses, worms, etc. Perhaps they should stop listening to the propaganda and google "HellRaiser (aka OSX/HellRTS.D)".
        hansa@...
    • RE: Apple quietly adds anti-malware in Snow Leopard update

      @All Mac heads, lol you ill informed noobs. i dare any trusting Mac freak to DMZ there mac and turn off there software firewall. oh sorry didnt you know macs have a firewall to prevent infection. my bad.
      wally135
  • RE: Apple quietly adds anti-malware in Snow Leopard update

    They installed the latest and most secure version of the Flash player available at the time the patch was created. All of those vulnerabilities already existed in Flash. They were not suddenly introduced.
    jmarinis
    • RE: Apple quietly adds anti-malware in Snow Leopard update

      @jmarinis <br>What you say is 100% true. The point of my message was that it is possible to download from a trusted source and still inherit vulnerabilities, unlike the following statement by @banned from zdnet "everyone knows that macs are immune to viruses and worms and that you should not install PROGRAMS from sources you cannot trust. common sense."
      hansa@...
  • Malware like Trojans work just as well on all operating systems

    because they require active co-operation from the user to get installed. It is just as easy to get Mac users to install such malware because, like Windows users, Mac users are encouraged to download software from arbitrary websites, and install the software on the assumption that it is safe to do so.
    tracy anne
  • RE: Apple quietly adds anti-malware in Snow Leopard update

    Why does Apple insist on playing secret squirrel with everything they do. Why not be up front about what the updates do. I had this sort of problem with my iphone and Windows 7. It was all mine/the operating system/Office or anything elses fault and then 3 weeks later they did an iTunes update and lo and behold all problems went away. And no mention was made of what they had done. Wasted hours of my time the b****rds
    farky
  • OFC they dont mention it, it would hurt their PR

    Apple is all about PR and not about products. If all their users knew that their computers weren't actually secure then they probably wouldn't pay $1k for a machine with underpowered specs. They would save about half that and get a Windows machine.
    All the real techies know that Mac OS is actually more vulnerable than Windows in terms of exploit ability. Its just that alot more people write malware for windows because of its popularity.
    Jimster480
    • @Jimster480

      Actually more people write viruses for Windows because it's easier to infect Windows with Viruses, than any other Operating System. Trojans, on the other hand, can be written for all operating Systems, as the infection vector is the User. Trojans require co-operation from the user to do their dirty work.

      Like Windows users, Mac users are encouraged to download and install software from arbitrary websites, on the assumption that it is always safe to do so. As a consequence, the infection rate of Macs, via Trojans, is likely to be similar to that of the infection rate of Windows, via Trojans.
      tracy anne
      • Hmmmm.... not quite luv!

        @tracy anne
        [i]"Actually more people write viruses for Windows because it's easier to infect Windows with Viruses, than any other Operating System."[/i]

        Once would have agreed with you, but that simply isn't even remotely true anymore.

        If you look to the various BlackHat-type test-beds/scenarios, OS X almost ALWAYS falls first! Windows ([i]post[/i]-XP) is getting closer and closer to standing fast with Linux (the user-friendly distros at least).

        Where once upon a time Apple had a very secure OS product, they've become lost in their own marketing Machine and security has taken a back-seat. Why is it you think that Walled Garden gets higher and higher, with the iPad blatantly excluding Flash as a prime example?? Answer: because Apple is becoming less and less confident that their OS offerings can remain uncompromised in the real world!
        kaninelupus
      • @kaninelupus

        quote::Apple is becoming less and less confident that their OS offerings can remain uncompromised in the real world!

        I definitely agree with you there. Apple have taken a very secure Unix system FreeBSD and made it much less secure.
        tracy anne
    • RE: Apple quietly adds anti-malware in Snow Leopard update

      @Jimster480 good point... except that windows sucks.
      IMHO
      (and no, I'm not necessarily a Mac fanboy... I'm really more of a Linux fanboy these days...)
      www.dfwsupergeek.com
      unclefixer@...
  • RE: Apple quietly adds anti-malware in Snow Leopard update

    It's simple economics. Unless a hacker is motivated purely by ideology they are going to spend their time on hacks with the highest ROI. And close to 90 percent of the installed base (Windows) makes for a much higher ROI than 10% (all the rest). If OS X had a ninety percent market share we'd be hearing a lot more about OS X exploits and a lot less about Windows.
    zdnet-gregc
    • @zdnet-gregc

      Except, the vast majority of the Mac infections would be caused by Trojans, not Viruses. Which means that mass infections of Mac machines is far less likely than we know is the case with Windows, simply because Trojans require active co-operation from the computer user, while all a Virus needs is a susceptible Operating System.
      tracy anne
      • RE: Apple quietly adds anti-malware in Snow Leopard update

        @tracy anne
        Guess what, most infections to Windows are now caused by trojans also. Active cooperation is easily gotten by trickery on the part of the malware producer. Put a popup with a fake warning that your computer is infected, provide a SCAN button and people will push it. Bingo, you are infected. Viruses are soooo yesterday.
        hansa@...
      • @hansa@

        quote::Guess what, most infections to Windows are now caused by trojans also. Active cooperation is easily gotten by trickery on the part of the malware producer.

        It is indeed, and the fact that the users are actively encouraged to source their software from arbitrary websites, makes it very easy indeed for such tricksters to apply their trickery. Which is why i would expect that the rate of infection via Trojans would be similar on both Windows and Mac.

        When Microsoft finally gets rid of ActiveX, then I think we can finally ignore viruses, until then, while they may be sooooo old, the easy infection vector still exists, and it's built in to every version of IE still in use.
        tracy anne
  • RE: Apple quietly adds anti-malware in Snow Leopard update

    The chickens come home to roost, and security by obscurity apparently doesn't work so well any more. How's it going, Steve, now that the Macs are apparently a malware target? And...are you supporting Leopard and Tiger as well? Microsoft supports their older OSes, because their customers do real work with XP, Win7, and Vista. They expect that kind of support, and they get it.
    gypkap@...