It’s live now, go get it quickly via the Software Update feature from the Apple menu. Apple explains that the 2.36MB download “provides additional protection by checking for the MacDefender malware and its known variants”. If Apple finds the pesky MacDefender malware on your system, the computer “will quit this malware, delete any persistent files, and correct any modifications made to configuration or login files”.
More information from Apple’s support document:
The OSX.MacDefender.A definition has been added to the malware check within File Quarantine. The system will check daily for updates to the File Quarantine malware definition list. An opt-out capability is provided via the “Automatically update safe downloads list” checkbox in Security Preferences.
And this bit about malware removal:
The installation process for this update will search for and remove known variants of the MacDefender malware. If a known variant was detected and removed, the user will be notified via an alert after the update is installed.
You can also download the standalone Mac OS X Snow Leopard Security Update 2011-03 here. Apple has also published a support document regarding XProtect. Of course, we’ve known Apple has had malware list for cases like this since 2009. Reader Tobias took it upon himself to explain…
The MacDefender-Update adds a tool to SnowLeopard to actively remove malware based on the XProtect.plist that contains the malware definitions. Apparently it has been created in 2009 as you can see in the localizationfile below, so Apple probably expected something like this to happen and always had a backup plan. Moreover, the update also installs an updater for the XProtect definitions. Apple really keeps this tightly under wraps, the changelog did not say anything about this.
And a timely anecdotal evidence from our reader Jonah H.:
Today I was at my local Apple Store in Newmarket, Ontario, Canada and a lady came in complaining about the symptoms of the Mac Defender malware problem. They told her it was from Mac Defender and everybody’s wrong about it they said “It’s not a virus it’s just a piece of software that steals you credit card and other information.”I would say that sounds like Malware or a Virus to me.
Good thing Apple has issued the update to fix this malware threat before it gets overblown. Moving on, guys…
FTC: We use income earning auto affiliate links. More.
Comments