Security Update 2011-003 for Snow Leopard released - addresses MAC Defender

Apple has released an important security update for users of Mac OS X Snow Leopard. The update, which requires Mac OS X 10.6.7, removes known variants of the recent MAC Defender malware which began surfacing at the beginning of May. In addition, the update also enables the operating system to update its internal list of known malware on a daily basis via a new background process. The new option to control daily updates is available as shown in the above screenshot.

The update comes a week after Apple officially acknowledged the issue in a support knowledgebase article. The changes in this update are listed in the following KB article posted by Apple:

File Quarantine
Available for: Mac OS X v10.6.7, Mac OS X Server v10.6.7
Impact: Definition added
Description: The OSX.MacDefender.A definition has been added to the malware check within File Quarantine.

File Quarantine
Available for: Mac OS X v10.6.7, Mac OS X Server v10.6.7
Impact: Automatically update the known malware definitions
Description: The system will check daily for updates to the File Quarantine malware definition list. An opt-out capability is provided via the "Automatically update safe downloads list" checkbox in Security Preferences.

Malware removal
Available for: Mac OS X v10.6.7, Mac OS X Server v10.6.7
Impact: Remove the MacDefender malware if detected
Description: The installation process for this update will search for and remove known variants of the MacDefender malware. If a known variant was detected and removed, the user will be notified via an alert after the update is installed.

The move to enable a new updating mechanism ahead of the next scheduled update for Mac OS X, 10.6.8, may be seen as a response to the growing number of MAC Defender variants and spinoffs. Shortly before the publication of the MAC Defender KB article last week, a new variant under the name "MacGuard" appeared. Unlike MAC Defender, MacGuard does not require users to supply administrator credentials for installation.

Users may download the update via this link.

Image Credit: Apple

Report a problem with article
Previous Story

Report: US could respond to cyber attacks with military force

Next Story

World Health Organization: Cellphones are "possibly carcinogenic"

21 Comments - Add comment