This evening, Apple released Security Update 2011-003 for Mac OS X 10.6.7 Snow Leopard. This security update—which focuses entirely on MACDefender—is designed to quarantine and remove the malware from affected machines. Additionally, a definition for OSX.MacDefender.A has been added to the malware check within OS X’s File Quarantine. According the the support document accompanying the update’s release, this definition will be automatically updated on a daily basis to protect against the malware’s recent mutations and variations. In terms of the detection and removal process of the malware, the support document states:
The installation process for this update will search for and remove known variants of the MacDefender malware. If a known variant was detected and removed, the user will be notified via an alert after the update is installed.
Security Update 2011-003 requires Mac OS X v10.6.7 and can be obtained via Software Update or downloaded directly here. Regardless of whether or not you suspect MACDefender has been installed on your machine, we strongly encourage all users to download and install the update.