Snow Leopard to feature built-in malware protection

Apple's always been more than happy to boast about the lower amount of malicious files aimed at its OS X operating system, when compared to its main rival, Windows; as everybody knows, nothing is 100% secure, and there will always be people out there with the intent of harming your computer, and with the upcoming release of Mac OS 10.6 (Snow Leopard), this is certainly not going to change. However, it seems Apple may be trying to keep one step ahead, according to a blog post from Intego, by building a form of system protection directly into the upcoming release.

The common way of installing applications on OS X is to have an installer package, which, whilst handy for getting everything where it needs to be, can be rather dangerous as it doesn't usually show you exactly what is being installed. Although you can download free, third-party plug-ins to help quell the problem, it's more than easy enough to end up with harmful files on your computer even after following the usual routine, so this discovery is quite a good one. What Intego has found is that Apple has now included a form of malware-prevention in the package installer service; instead of simply asking if the user wants to install the package, Snow Leopard will scan it quickly, and then display a message if any harmful files are found.

According to ZDNet, it hasn't been stated as to how Apple is handling the file detection, but it appears that they may have partied up with a commercial anti-virus vendor to provide the solution. We've included a screenshot below from Intego's blog, to show what the user will see if anything crops up.

Report a problem with article
Previous Story

Why has Microsoft photoshopped this?

Next Story

Microsoft posts PowerPoint 2010 slideshow teaser

89 Comments

Commenting is disabled on this article.

Apple boasting about how little malware they get compared to Windows is like someone driving a Moped boasting about how many fewer speeding tickets they get than the other guy driving a crotch rocket.

nice of Apple to "snick" this into the "new" OS (or 10.5 SP X) and not tout the new feature on the official feature page? i'm guesing they're not too proud of it ... "macs are 100% virus & malware free"...indeed. i'm curious to see what happens to the get-a-mac ads, or what becomes of the 100%-secure story come october 22nd with Window7 GA.

What everyone seems to fail to realise is that this antimalware detects MALICIOUS CODE. meaning it does not have to be a virus for Mac OS. Built in antimalware is great, it is helping the entire world out.

Cool!
Now MAC users will have the same great experience of having software blocked by false mal-ware warnings.

roadwarrior said,
Kind of hard to get a false positive when you have only a couple handfuls of malware examples to check against.

You clearly have no understanding of even basic statistics, the number of examples has nothing at all to do with the number of false positives.

as everybody knows, nothing is 100% secure

Ha ha ha ha, priceless. Any competent IT person knows this. But the drones who echo Apple's marketing (and even some PC users who hear Apple's messages) truly think that Apple is 100% totally bullet-proof.

Kudos for Apple for this mature and forward thinking inclusion, I commend them on taking a step in this direction, if and when OSX has a larger market share then malware will become more prevalent for their OS. Refreshing to see a common sense and pro-active action by a developer of an OS regardless of platform.

And Yes im a windows user and No I hold no malice or dislike for Apple or their products (or their loyal customer base), not my personal choice in systems but thats exactly it, my personal choice, doesnt make me superior or better than someone else due to the personal choice they take in a PC (Personal Computer)

"but it appears that they may have partied up with a commercial anti-virus vendor to provide the solution."

Seems they got fleeced given that it can only detect two signatures...

RAID 0 said,
Oh I'm sure there will be more to come.


Windows fanboys have been predicting the flood of OS X viruses for nearly a decade now. And yet, you can still count the number of them on your hands.

roadwarrior said,
Windows fanboys have been predicting the flood of OS X viruses for nearly a decade now. And yet, you can still count the number of them on your hands.

i guess we thought you would have a marketshare of at lest 10% by now...our mistake.

macrosslover said,
i guess we thought you would have a marketshare of at lest 10% by now...our mistake.


Even so, if numbers of viruses was proportional to market share, then OS X should still have at least a couple hundred if not a thousand viruses out there.

roadwarrior said,
Even so, if numbers of viruses was proportional to market share, then OS X should still have at least a couple hundred if not a thousand viruses out there.

Right. Except it's not going to be linearly proportional, it would be exponential.

roadwarrior said,
Windows fanboys have been predicting the flood of OS X viruses for nearly a decade now. And yet, you can still count the number of them on your hands.


... but let's not count malware, trojans or spyware, right?

-"Hey, did you know you have a virus on your Mac?"
-"IT'S NOT A VIRUS!! It's a keylogger!!!"

Kirkburn said,
Right. Except it's not going to be linearly proportional, it would be exponential.


Even so, there logically should be many more than there are, if that line of reasoning was at all accurate. Come on, OS X has been available for nearly a decade, and there are less than a dozen, if even that, that is including lab created proof-of-concepts that never show up in the wild.

... but let's not count malware, trojans or spyware, right?


I'm counting all types of malware. Even proof-of-concept stuff that no user will EVER encounter.

How many examples can you provide links to information about? I really doubt you can come up with even 10.

their ads focus on viruses, not malware. anyway, nice to see some level of protection - this must be apple's wake up call that gaining marketshare=more interest and motivation for viruses to be developed for that platform!

Perhaps it's me, but that malware message seems to be overcomplicated and badly designed.

The message says "you should move it to the trash" The correct main response from a user to this would be "do it for me". But instead you are given "open", the thing you're trying to discourage.

"Cancel" should be the primary response, but then "cancel" what? You can't assume the user would have the context for the popup.

Finally, the detailed info should be in bullet points, or hidden. You want people to focus on the issue, not the random names and numbers.

(Basically, they should've copied Windows.)

I sort of agree, but I think it'd be better to have the "Do it for me" as well as a "Details>>" which then will provide information regarding the file.

Sounds like a cleaner approach to me. Also makes it easier to organize.

Billus said,
Ha, it's worse then UAC. UAC at least has details on what the application wants to do.

UAC isn't designed to detect malware or virii. It's to let you know that an application is trying to do something that requires administrative privileges and give you the opportunity to approve or deny it. It's more like the OS X administrative prompt.

Billus said,
Ha, it's worse then UAC. UAC at least has details on what the application wants to do.

UAC has nothing to do with viruses. It also warns you for admin access, so it's useless to catch viruses with. It could just as well warn you for a legit application. There would be no way for you to tell the difference. Please don't confuse this feature with UAC. :S Not even Microsoft would want you to, because then that would imply UAC should have viral detection. Which it doesn't have.

Kirkburn said,
Perhaps it's me, but that malware message seems to be overcomplicated and badly designed.

The message says "you should move it to the trash" The correct main response from a user to this would be "do it for me". But instead you are given "open", the thing you're trying to discourage.

"Cancel" should be the primary response, but then "cancel" what? You can't assume the user would have the context for the popup.

Finally, the detailed info should be in bullet points, or hidden. You want people to focus on the issue, not the random names and numbers.

(Basically, they should've copied Windows.)

I was just thinking that myself too

Midgetman said,
and when microsoft do this people scream antitrust?!?!

Do they? Has there ever been an issue with MS including antimalware and AV as part of the OS?

MSE isn't included as part of the OS, it is a separate application. If it was included the AV companies, along with the EU would be filing law suits within minutes after it was released.

Windows Defender is not that much of a threat to all the free malware applications so no one really cares.

PsychoDoughBoy said,
Do they? Has there ever been an issue with MS including antimalware and AV as part of the OS?

My god, yes.

Midgetman said,
and when microsoft do this people scream antitrust?!?!

Apple doesn't have a large enough marketshare for there to be antitrust violations.

GreyWolfSC said,
You should read up on the Sherman Antitrust Act.

Market share is not the only thing that creates a monopoly.


You're wasting your breath. No matter what anti-trust laws say, you'll never convince them to look at anything other than the RDF way they've seen it and will continue to see it.

Midgetman said,
and when microsoft do this people scream antitrust?!?!

If Apple integrated it with a commercial anti-virus developer (whom they are paying royalties for and whom there was a competitive tender process to decide) then there is no antitrust concerns here.

Midgetman said,
and when microsoft do this people scream antitrust?!?!

Where? Please point to one conversation, one blog, even a twit where someone has made this complaint??

Everytime Apple does something, someone comes up with this excuse. Every single time, like cockwork, someone will trot out this old horse.

Well it's a good move on Apple's part. It's better to put the anti-virus software included in the OS before the major viruses come, now they can't get stuck in Microsoft's debacle because Anti-Virus companies won't sprout up on OS X because they already have virus protection.

However, on Windows since Anti-Virus companies already came in, if microsoft included Anti-Virus software in their OS there would be anti-trust regulators tearing it apart. So Microsoft is doing the next best thing and making it a free download with MSE.

. . .and have to say it is an excellent AV. Lite and very effective so far. Not sure, but aren't they going Include MSE in the live app's.

Before I can use SL I will have to buy a new Mac (thinging the 24" iMac. My six year old Power Mac isn't supported for SL. "Crying the Blues."

Pam14160 said,
. . .and have to say it is an excellent AV. Lite and very effective so far. Not sure, but aren't they going Include MSE in the live app's.

Before I can use SL I will have to buy a new Mac (thinging the 24" iMac. My six year old Power Mac isn't supported for SL. "Crying the Blues."


MSE will be offered seperately. If they actively promote it from within Windows, I can imagine Symantec and McAffee bawling to the EU

Couple problems with that, there are already anti-virus suites for mac. And Windows already includes an anti-virus, Windows Defender.

Where is the definition of "Windows Defender" per the Windows Help:

Using Windows Defender

It's important to run antispyware software whenever you're using your computer. Spyware and other potentially unwanted software can try to install itself on your computer any time you connect to the Internet. It can also infect your computer when you install some programs using a CD, DVD, or other removable media. Potentially unwanted or malicious software can also be programmed to run at unexpected times, not just when it is installed.

Windows Defender offers three ways to help keep spyware and other potentially unwanted software from infecting your computer:

Real-time protection.Windows Defender alerts you when spyware or potentially unwanted software attempts to install itself or to run on your computer. It also alerts you when programs attempt to change important Windows settings.

SpyNet community. The online Microsoft SpyNet community helps you see how other people respond to software that has not yet been classified for risks. Seeing if other members of the community allow software can help you choose whether to allow it on your computer. In turn, if you participate, your choices are added to the community ratings to help other people choose what to do.

Scanning options. You can use Windows Defender to scan for spyware and other potentially unwanted software that might be installed on your computer, to schedule scans on a regular basis, and to automatically remove any malicious software that is detected during a scan.

When you use Windows Defender, it's important to have up-to-date definitions. Definitions are files that act like an ever-growing encyclopedia of potential software threats. Windows Defender uses definitions to determine if software that it detects is spyware or other potentially unwanted software, and then to alert you to potential risks. To help keep your definitions up to date, Windows Defender works with Windows Update to automatically install new definitions as they are released. You can also set Windows Defender to check online for updated definitions before scanning.

As you can see there is no indication that Windows Defender is an AV. MSE is the AV, and at present is still in Beta. Microsoft does not include an AV in their OS's.

jwil1 said,
Windows Defender anyone? :P

I was exactly thinking of the same thing! :D
Besides, there is that free MS security solution that is going to be released (can't remember its name).

Mamoun said,
I was exactly thinking of the same thing! :D
Besides, there is that free MS security solution that is going to be released (can't remember its name).

Project Morro, now commonly called Microsoft Security Essentials. I'm using the beta right now for three reasons:
1. I heard it was nearly as good as NOD32 and Kaspersky (but that was back when it was released, not sure now
2. It integrates straight into Windows seamlessly
3. The obvious one, it's free!

But I think Apple's move is counter-intuitive to their marketing, as shown in above comments. By showing Macs are afflicted with some viruses only goes to show they cannot claim they are entirely virus-proof by nature.

jwil1 said,
Windows Defender anyone? :P

Yes, and this is the equivalent feature now on Macs. I'm not sure what your point is. :S That since Windows was first, other operating systems shouldn't get it? Or that you should rather use Windows, because the Windows Defending experience there is better? :D

Windows probably needed this feature much more than OS X since it's a far larger target, so there's little surprises here IMHO.

Ravemaster said,
But I think Apple's move is counter-intuitive to their marketing, as shown in above comments. By showing Macs are afflicted with some viruses only goes to show they cannot claim they are entirely virus-proof by nature.

All of you that are saying this are really misunderstanding their ads.

Yes, they are saying that Windows get viruses to an extent that it is a problem. But this doesn't imply that Macs don't. They're just pushing it as more of a disadvantage on Windows.

When did you see a Mac ad where they claimed "Macs don't get viruses"?

RAID 0 said,
Jug, oh please. You didn't see the two new Mac commercials, did you?


You must have been the one that didn't watch those ads, because they say "without thousands of viruses and tons of headaches". Which is absolutely true. You can count the number of viruses that affect OS X on your hands.

Except its not true. The only headaches you get from a computer are if you lack the experience or skill to use it which applies to Mac OS, Linux, and any other operating system as well as Windows. But Apple only tells part of the story. It's better marketing for their product.

roadwarrior said,
You must have been the one that didn't watch those ads, because they say "without thousands of viruses and tons of headaches". Which is absolutely true. You can count the number of viruses that affect OS X on your hands.


Well now you're just splitting hairs.

RAID 0 said,
Well now you're just splitting hairs.


No, I'm quoting the ad word for word. You were the one who claimed that the Mac ads said that "Macs don't get viruses", which they never have said. Every time they mention viruses, they simply claim that Macs are immune to the thousands (or whatever number they happen to mention) viruses that affect Windows.

Mamoun said,
I was exactly thinking of the same thing! :D
Besides, there is that free MS security solution that is going to be released (can't remember its name).

It think it is called Project We-can't-make-your-OS-secure-so-we-added-this-program-to-help-make-it-secure-no-you-can-trust-this-one-for-sure!

jwil1 said,
Windows Defender anyone? :P

If you're saying Apple copied Microsoft, then yes sure they did.
But it's something "inevitable" if you understand what I mean. An OS *needs* built-in malware protection a day or another. So yes it's copied from MS, but they really had to do this someday... it's just that MS did it first because their case was critical.

roadwarrior said,
No, I'm quoting the ad word for word. You were the one who claimed that the Mac ads said that "Macs don't get viruses", which they never have said. Every time they mention viruses, they simply claim that Macs are immune to the thousands (or whatever number they happen to mention) viruses that affect Windows.

wow, that's actually what the apple ad said?

They should write ads for the pharmaceutical industry! They could sell a medicine that keeps humans from getting the thousands of viruses that other animals get! Just like Macs don't get the viruses that windows gets!

Now that people will see virus/torjan/malware warnings on Macs, I guess Apple won't be able to push the "Mac's don't get viruses" crap for much longer

Minooch said,
Now that people will see virus/torjan/malware warnings on Macs, I guess Apple won't be able to push the "Mac's don't get viruses" crap for much longer

But now they have protection against the little there is for Macs. Now they can push that argument even further, because of course this function will always work perfectly.

Minooch said,
Now that people will see virus/torjan/malware warnings on Macs, I guess Apple won't be able to push the "Mac's don't get viruses" crap for much longer

If you ever actually listen to what Apple says about this, you would realize that they only claim that Macs are immune to the tens of thousands of viruses that affect Windows. Which is true, as stated.

Jugalator said,
... because of course this function will always work perfectly. ;)

I don't know if this part was sarcasm or not (I believe not, because you defended the Mac just the sentence before), but I'd have to agree. If there was 100 000 viruses, they would lose complete control in updating this little functionality in Snow Leopard. Now I think I can count the number of viruses for Macs on one hand, 2 at worse. It's gonna be really easy to maintain this perfectly.

Also, it's not going to slow down the system as much to scan files for like 10 possibilities of viruses or malware. But on Windows I don't know how antiviruses work, really, but if it compares each file to the 100 000 existing viruses.... whew, I can understand that when I had a PC 3 years ago, my antivirus slowed it down a lot.

I guess Roadwarrior wasn't paying attention when Apple touted (over and over again) "Macs don't get viruses". Yes, that is the actual claim. They never said "Macs don't get Windows viruses" because, well, that's pretty obvious.

C_Guy said,
I guess Roadwarrior wasn't paying attention when Apple touted (over and over again) "Macs don't get viruses". Yes, that is the actual claim. They never said "Macs don't get Windows viruses" because, well, that's pretty obvious.


As usual in matters referring to Apple, you are wrong. Go back and watch any of the Mac vs PC ads and show me ONE where Apple said that Macs are completely immune to all viruses.

Joshie said,
But they don't get viruses. See? They get malware.

Hehe, yea. And *Nix gets rootkits. Call the Whaaambulance.

roadwarrior said,
As usual in matters referring to Apple, you are wrong. Go back and watch any of the Mac vs PC ads and show me ONE where Apple said that Macs are completely immune to all viruses.

Oh mate, when will you learn. Facts have no place here, this is Apple bashing. If neowin users could understand simple facts, they wouldn't still be harping on about how great Windows 7 5-year old technology was.

artfuldodga said,
if i download that file, i can't get infected, i run Windows...
lol :)

Probably conflict with another Virus you already have then.

Star_Hunter said,
So that someone does not go there and get infected.

How can they get infected? they are running a Mac.. Mac's can't get malware. They say it all the time [/sarcasm]

Because it came from www.apple.com.

Funny, I always thought that Mac's were immune to malware. According to their commercials they are.

Tim Dawg said,
Because it came from www.apple.com.

Funny, I always thought that Mac's were immune to malware. According to their commercials they are.


Maybe you could help by pointing us to an Apple commercial that makes such a claim, because no commercial from Apple has ever claimed that they are immune from malware. Viruses, yes, because Mac OS X has better security, they are immune from them, unlike Windows. Yes even Windows 7 has viruses for it.

cakesy said,
Viruses, yes, because Mac OS X has better security, they are immune from them, unlike Windows. Yes even Windows 7 has viruses for it.

Nobody is still programming "viruses" as of today. But when people say "a virus" they're generally referring to what the computer-literate call more generally "malware".

Modern malware doesn't infect files as a "virus" would, it can or can not be self-replicating, and it doesn't necessarily need things like high privileges to make your PC a zombie in a botnet (which is the common target).

Such threats can therefore live on any platform.