Apple Releases Security Update 2011-003, Kills MacDefender Malware Dead
Well, here’s an unexpected wrinkle in the “MacDefender” malware saga: Apple just pushed out a small Snow Leopard security update to squash the malfeasant, which was widely expected to be addressed in a forthcoming Mac OS X 10.6.8 update.
Apple has been just full of surprises on Tuesday, with its WWDC 2011 keynote press release this morning confirming the existence of both iOS 5 and iCloud, then afternoon updates to the iOS iWork apps, introducing universal support for the iPhone and iPod touch. But the company isn’t quite done with the day, having just pushed out Security Update 2011-003.
So what is Security Update 2011-003? It’s small (2.1MB) patch for Mac OS X Snow Leopard 10.6.7 users to address the recent “MacDefender” malware. Developers recently noted that a seed of Mac OS X 10.6.8 included a patch for Mac Defender in its release notes, but it appears that Apple wanted to move quickly by squashing the nuisance now, rather than waiting for a larger OS X update.
MacDefender first came to light at the beginning of May, when it received unprecedented coverage from websites covering Apple. The malware first appeared on Google image searches, presenting itself as an antivirus installer. Thankfully, the nuisance was not widespread, and now Apple has moved to address the problem quickly.
The security update specifically addresses three MacDefender-related issues. The first adds a OSX.MacDefender.A definition to the malware check within File Quarantine, while the second provides for daily checks for the File Quarantine malware definition list, which will provide updates to squash future nuisances in the same vein as Mac Defender.
The third and most important part of Security Update 2011-003 is the actual removal of the MacDefender malware, if detected. “The installation process for this update will search for and remove known variants of the MacDefender malware,” Apple’s support document explains. “If a known variant was detected and removed, the user will be notified via an alert after the update is installed.”
Users running Mac OS X 10.6.7 Snow Leopard are encouraged to run their Software Update (or download direct from Apple's website) as soon as possible to install Security Update 2011-003; it’s a tiny patch and doesn’t even require a restart as many such updates do.
Follow this article’s author, J.R. Bookwalter on Twitter
Related Articles
TrainAss
June 02, 2011 at 8:48am
The new varient of MacDefender is out now that gets around this latest update.
Goldie07
June 01, 2011 at 8:08pm
"but it appears that Apple wanted to move quickly by squashing the nuisance now, rather than waiting for a larger OS X update."
This is Apple's idea of moving quickly? Is the Apple world always moving in slow motion?
slateral
June 01, 2011 at 1:41pm
Is Leopard vulnerable to Mac Defender? If so, will Apple be offering a Security Update for those of us still using Leopard?
I sure hope so, because I plan to skip 10.6 and wait for 10.7. I'm sure there are others out there with the same concern.
Connect with Mac|Life
Featured Content
It's no secret that Sex and the City's Carrie Bradshaw loved her Apple laptops --...
Whether it's learning how to use the application or importing third-party calendars...
No one really knows, but that doesn’t stop us from speculating.
In This Month's Issue
Feature
Review
Create
Latest Mac|Life Tweets
- MacLife: Review: Sonic the Hedgehog 4 Episode II, universal for iPhone and iPad. So frustrating! http://t.co/UwBjm1Qx14 hours 22 min ago
- MacLife: Lights, Camera, Apple! So many Macs, iPhones, and iPads on TV. http://t.co/JPJ7fBVK14 hours 56 min ago
- MacLife: In this week's Law & Apple, Samsung's bizarre "anti-fanboy" defense, and Apple has a tough time in Delaware. http://t.co/oVwi51Yp15 hours 26 min ago
- MacLife: Mint's iOS app added budgeting and split transactions. Do you track your finances on an iPhone/iPad? http://t.co/c4AgVI4w15 hours 57 min ago
- MacLife: IBM blocks Siri, iCloud, and Drobpox on its employees' iPhones. Drag. But understandable too, right? http://t.co/ojuiYxiS16 hours 58 min ago
