14 DAY TRIAL // Apple is officially addressing the recently emerged malware targeting Mac OS X with the release of Security Update 2011-003, which modifies the way Snow Leopard looks for and prevents malware from being installed onto the user’s computer.
The security update contains three patches for the Client and Server versions of Mac OS X 10.6 Snow Leopard.
First and foremost, the update adds the OSX.MacDefender.A malware check definition within File Quarantine.
The second tweak, also within File Quarantine, automatically updates the known malware definitions.
“The system will check daily for updates to the File Quarantine malware definition list. An opt-out capability is provided via the ‘Automatically update safe downloads list’ checkbox in Security Preferences,” Apple explains.
This is an important change for Apple and OS X users, as it marks the first time Apple has given the xprotect.plist file the ability to update itself with new malware definitions.
Finally, Security Update 2011-003 removes the MacDefender malware if detected.
Download Apple Security Update 2011-003 (Free)
According to Cupertino, “The installation process for this update will search for and remove known variants of the MacDefender malware. If a known variant was detected and removed, the user will be notified via an alert after the update is installed,” Apple states.
The company provides a wealth of information on Mac OS X Snow Leopard and malware detection in a separate Support document where it is revealed that files downloaded through applications like Safari, iChat, and Mail are checked for safety at the time that they are opened.
The system will display a dialog that alerts users to move malware to the Trash, should the file be identified as containing known threats.
“Security Update 2011-003 provides additional protection by checking for the MacDefender malware and its known variants,” the Cupertino tech giant elaborates.
“If MacDefender malware is found, the system will quit this malware, delete any persistent files, and correct any modifications made to configuration or login files. After MacDefender is identified and removed, the message below will be displayed the next time an administrator account logs in,” Apple says.