How Apple has responded to Mac malware

  • 6249221.png

    A month after the first customers called its support lines for help, Apple responded to the Mac Defender outbreak with a security update that attempts to block new infections and remove malware that's already been installed. But the bad guys haven't been standing still. They've renamed their hostile software (Mac Shield) and produced at least 15 new versions, forcing Apple to respond with a new set of definitions every day this month.

    For more details, see "Has Apple done enough to fight malware on Macs?"

    Published: June 19, 2011 -- 16:14 GMT (09:14 PDT)

    Caption by: Ed Bott

  • 6249222.png

    Security Update 2011-003 arrives via Apple Software Update. It provides a new feature that updates anti-malware signatures daily.


  • 6249223.png

    The XProtect definition file is accompanied by this metadata file, which includes a version number. Apple has been delivering a new update roughly once a day, and the size of the definition file has swelled from 5K to more than 22K in that time.


  • 6249224.png

    Every variation of Mac Defender gets its own set of definitions in this XProtect file. Each signature in this XML file is specifically designed to identify a known malware variant, using file names and unique strings found within the file. This snippet is part of the definition for Mac Defender version K. 
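
The matching approach this caption describes, as an added Python sketch (not part of the original gallery, and not Apple's definition file or schema). The plist keys, file names, and marker strings are constructed assumptions; the demo also shows why a renamed, rebuilt variant goes undetected until a new definition ships.

```python
import plistlib

# Constructed definition list modelled on the caption: one entry per variant,
# each with a file name and unique strings. Not Apple's real schema or data.
DEFINITIONS_XML = b"""<?xml version="1.0" encoding="UTF-8"?>
<plist version="1.0">
<array>
  <dict>
    <key>Description</key><string>EXAMPLE.Variant.A</string>
    <key>FileName</key><string>ExampleInstaller.pkg</string>
    <key>Patterns</key>
    <array>
      <string>example-marker-one</string>
      <string>example-marker-two</string>
    </array>
  </dict>
</array>
</plist>"""

def load_definitions(xml_bytes):
    """Parse the XML property list into a list of signature dicts."""
    return plistlib.loads(xml_bytes)

def match(definitions, file_name, content):
    """Return the Description of the first matching signature, else None.
    A signature matches only if the file name is equal AND every pattern
    string occurs somewhere in the file content."""
    for sig in definitions:
        if sig["FileName"] != file_name:
            continue
        if all(p.encode() in content for p in sig["Patterns"]):
            return sig["Description"]
    return None

def demo():
    defs = load_definitions(DEFINITIONS_XML)
    original = b"hdr example-marker-one body example-marker-two"  # constructed
    variant = b"hdr example-marker-one body example-marker-2b"    # constructed rebuild
    before = (match(defs, "ExampleInstaller.pkg", original),
              match(defs, "ExampleShield.pkg", variant))  # renamed: no match
    # The next definitions update adds an entry for the new variant.
    defs = defs + [{"Description": "EXAMPLE.Variant.B",
                    "FileName": "ExampleShield.pkg",
                    "Patterns": ["example-marker-2b"]}]
    return before, match(defs, "ExampleShield.pkg", variant)

if __name__ == "__main__":
    print(demo())
```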


  • 6249225.png

    This version of the Mac Defender downloader was released on Friday morning, and the Friday evening signature from Apple successfully detects it. The Move To Trash option is the default. 


  • 6249226.png

    It's hard to believe that Apple is serious about security when this dangerous setting remains the default for Safari. If you download an installer package using the default OS X browser, Safari, with its default settings, the Mac Defender installer opens automatically and waits for the victim to click Continue. Other browsers force you to download the file, extract it, and run it separately.

    The Security Update 2011-003 bulletin does not mention this setting.   


  • 6249227.png

    The check box in the middle of this preferences dialog box is new, added as part of Security Update 2011-003. If you clear the box and then click it again, OS X will automatically retrieve the latest anti-malware definition file.



By Ed Bott | June 19, 2011 -- 16:14 GMT (09:14 PDT) | Topic: Security


In May 2011, Apple issued its first-ever security update designed to remove malware on Macs. Has Apple's response to Mac Defender been good enough for its customers? And is Apple prepared for the next attack? This gallery shows what Apple has done with Security Update 2011-003.
