Modified MacDefender Skirts Security – Apple Responds

ByMike Moffit

Earlier in the week, Apple unknowingly initiated a game of cat and mouse with the parties behind the malware MacDefender with the release of Security Update 2011-003. This update, designed to quarantine and remove the malware from affected machines, was met yesterday with a new variant of MacDefender capable of bypassing the update’s security measures entirely.

Debuting less than eight hours after the release of Apple’s update, the new version of MacDefender carries the name ‘Mdinstall.pkg’ and has been specifically designed to thwart Apple’s methods for detecting and removing the malware. Though the quick turnaround and re-release demonstrates those behind MacDefender aren’t going down without a fight, thankfully Apple has built safeguards into its security update to protect against variations of the malware.

Included in Tuesday’s security patch were updates to Xprotect.plist—a system file responsible for identifying malware and other suspicious applications. This file is capable of updating on a daily basis to protect against mutations of previously identified and blocked malware, such as the original version of MacDefender. In response to the threat posed by Mdinstall.pkg, Apple today updated the list to include an entry for OSX.MacDefender.C, effectively blocking the threat for users with the Security Update installed.

Apple clearly takes the rising threat of MacDefender and other Mac malware very seriously. Its quick response this morning clearly indicates that the company plans to move swiftly and crush future iterations of the malicious software before they gain much traction. However, it is unfortunate that widespread malware has surfaced on OS X in the first place. The MacDefender saga has certainly ushered in a new era for Mac users. While there is a clear distinction between malware and viruses—OS X still has no known ones—the widespread damage caused by MacDefender proves the Mac is not invulnerable.

Security-Update 2011-003 is compatible with Mac OS X v10.6.7 and available via Software Update or direct download here. It is highly recommended for all Mac users with compatible software.

Similar Posts

  • Quick Mac Tip Videos

    There are several dozen excellent video tutorials posted throughout Apple.com. The Business section has some of the best. They include topics such as…

  • Safari 3 Public Beta

    I’ve just downloaded and install the public beta of Safari 3. After hearing about how your could re-arrange tabs I was very excited….

  • iPhone 4 Press Event Synopsis

    Today’s press event brought with it a tremendous amount of anticipation in regards to how Apple would handle the issues surrounding the iPhone…

  • iPhoto '11 New Features Overview

    iPhoto ’11 was released today at Apple’s Back to Mac press conference as part of the new iLife ’11. Some of the standout new features include:

    New Full-Screen Modes iOS-like full-screen mode for editing and viewing photos Use every inch of your display to browse and edit your photos. This is much more advanced than the full-screen editing available in previous versions of iPhoto. More screen real estate means a bigger workspace for perfecting each shot or creating nifty iPhoto projects.

    Facebook Enhancements – Share your photos and view comments without ever leaving iPhoto. iPhoto and Facebook are now even better friends. iPhoto even shows you all of your Facebook photo albums, including the ones you published using another application. You’ll always know which photos you shared (or didn’t share) on Facebook, because iPhoto keeps track of that for you.

    Emailing Photos – iPhoto now includes eight Apple-designed themes that you customize with your own images and words. Rearrange photos with a simple drag and drop, adjust the image mask, or change the size and style of your text. Plus, iPhoto optimizes your message so it’s never too big to send. iPhoto also works with popular email services like MobileMe, Gmail, Yahoo! Mail, Windows Live Hotmail, and AOL. And since iPhoto keeps track of all your email messages with photos, you’re free to open a sent message, make changes, and share it with someone new, anytime you want.

    New Slideshows – New animated themes — like Holiday Mobile, Places, and Reflections — give your photos movement and help you avoid typical, photo-by-photo, fade-in, fade-out slideshows. Each shot is centered and framed perfectly, thanks to face detection. And the animated themes include their own soundtracks, so your photos and music play together flawlessly.

    Big Leap in Books iPhoto ’11 makes it even easier to create professional-quality books using your own photos. Building your book starts with a new dynamic Theme browser. Pick a theme, and an even smarter Autoflow instantly goes to work, placing your images for you. Higher-rated images are featured more prominently. Photos taken on the same day appear together. And all the while, face detection ensures that photos of people are cropped and framed properly. Change the background color, font, layout, and more. Add eye-popping full-bleed, two-page spreads.

    Letterpress Cards – For the first time, traditional printing techniques join modern digital photography on a large scale. With iPhoto ’11, you can create custom letterpress cards personalized with your photos and text. Each iPhoto letterpress card is made from premium paper and produced using a centuries-old printing method. Then it’s digitally processed with your photos and text. iPhoto letterpress cards are available in 15 beautifully crafted themes complete with matching envelope. There’s just something about the elegant look and feel of a letterpress card.

    As John Gruber from Daring Fireball tweeted: “Can you imagine any other computer company offering letterpress as a mass-market printing technology?”

    iLife is a $49 upgrade for existing Mac users, and comes free with every new Mac. It’ll be listed on our site for sale and shipment shortly.