Modified MacDefender Skirts Security – Apple Responds

ByMike Moffit

Earlier in the week, Apple unknowingly initiated a game of cat and mouse with the parties behind the malware MacDefender with the release of Security Update 2011-003. This update, designed to quarantine and remove the malware from affected machines, was met yesterday with a new variant of MacDefender capable of bypassing the update’s security measures entirely.

Debuting less than eight hours after the release of Apple’s update, the new version of MacDefender carries the name ‘Mdinstall.pkg’ and has been specifically designed to thwart Apple’s methods for detecting and removing the malware. Though the quick turnaround and re-release demonstrates those behind MacDefender aren’t going down without a fight, thankfully Apple has built safeguards into its security update to protect against variations of the malware.

Included in Tuesday’s security patch were updates to Xprotect.plist—a system file responsible for identifying malware and other suspicious applications. This file is capable of updating on a daily basis to protect against mutations of previously identified and blocked malware, such as the original version of MacDefender. In response to the threat posed by Mdinstall.pkg, Apple today updated the list to include an entry for OSX.MacDefender.C, effectively blocking the threat for users with the Security Update installed.

Apple clearly takes the rising threat of MacDefender and other Mac malware very seriously. Its quick response this morning clearly indicates that the company plans to move swiftly and crush future iterations of the malicious software before they gain much traction. However, it is unfortunate that widespread malware has surfaced on OS X in the first place. The MacDefender saga has certainly ushered in a new era for Mac users. While there is a clear distinction between malware and viruses—OS X still has no known ones—the widespread damage caused by MacDefender proves the Mac is not invulnerable.

Security-Update 2011-003 is compatible with Mac OS X v10.6.7 and available via Software Update or direct download here. It is highly recommended for all Mac users with compatible software.

Similar Posts

  • Apple / Intel One Year Anniversary!

    Today is the one-year anniversary of the Apple-Intel alliance. It was June 6, 2005, when Steve Jobs made the official announcement at Apple’s…

  • WWDC 2007 – Live from San Francisco!

    Apple’s annual World Wide Developers Conference kicks off today with a keynote address from Steve Jobs beginning at 10:00a.m. PST. We expect that…

  • New Firmware for all Core2Duo & Xeon Macs

    Via Software Update, Apple yesterday released a slew of firmware updates addressing performance and reliability of all Core 2 Duo and Xeon Macs…

  • Snow Leopard Coming: September 2009

    At WWDC today, Phil introduced Bertrand Serlet to talk about the Mac OS. He announced that Snow Leopard will be available in late…

  • Apple Clobbers the Street!

    By Don@Smalldog.com You go figure! Apple announced its quarterly earnings after the market closed on Wednesday and posted a profit for the quarter…

  • Apple Releases Mac OS X 10.6.3 Update

    Apple yesterday released the latest update to Mac OS X, squashing a litany of issues ranging from Time Machine stability to Antarctic daylight…