Modified MacDefender Skirts Security – Apple Responds

ByMike Moffit

Earlier in the week, Apple unknowingly initiated a game of cat and mouse with the parties behind the malware MacDefender with the release of Security Update 2011-003. This update, designed to quarantine and remove the malware from affected machines, was met yesterday with a new variant of MacDefender capable of bypassing the update’s security measures entirely.

Debuting less than eight hours after the release of Apple’s update, the new version of MacDefender carries the name ‘Mdinstall.pkg’ and has been specifically designed to thwart Apple’s methods for detecting and removing the malware. Though the quick turnaround and re-release demonstrates those behind MacDefender aren’t going down without a fight, thankfully Apple has built safeguards into its security update to protect against variations of the malware.

Included in Tuesday’s security patch were updates to Xprotect.plist—a system file responsible for identifying malware and other suspicious applications. This file is capable of updating on a daily basis to protect against mutations of previously identified and blocked malware, such as the original version of MacDefender. In response to the threat posed by Mdinstall.pkg, Apple today updated the list to include an entry for OSX.MacDefender.C, effectively blocking the threat for users with the Security Update installed.

Apple clearly takes the rising threat of MacDefender and other Mac malware very seriously. Its quick response this morning clearly indicates that the company plans to move swiftly and crush future iterations of the malicious software before they gain much traction. However, it is unfortunate that widespread malware has surfaced on OS X in the first place. The MacDefender saga has certainly ushered in a new era for Mac users. While there is a clear distinction between malware and viruses—OS X still has no known ones—the widespread damage caused by MacDefender proves the Mac is not invulnerable.

Security-Update 2011-003 is compatible with Mac OS X v10.6.7 and available via Software Update or direct download here. It is highly recommended for all Mac users with compatible software.

Similar Posts

  • The Neat New nano!

    Of all the new products showcased at today’s keynote event, the redesigned iPod nano is by far the most radical. Featuring an entirely…

  • Xsan and Intel macs

    by Matt@Smalldog.com A buddy of mine sent me an iChat this morning asking if I knew anything about xSan compatibility with Intel Macs….

  • The Mac App Store is Open for Business

    As of this morning, the Mac App Store has officially opened its “doors” for business. Launching with over 1,000 apps in a wide…

  • Skype on the iPhone

    With the introduction of the iTunes App Store some time ago, the iPhone and iPod Touch became even more useful devices. Anyone could…

  • New Colors for the iPod Shuffle!

    Apple has updated the iPod shuffle line with four new colors – pink, green, blue, and orangeish. The original silver color is still…