Linked by Hadrien Grasland on Thu 2nd Jun 2011 09:14 UTC
Mac OS X Looks like Apple might have changed their mind and rushed a security update against Mac Defender a bit too quickly. "Hours after Apple released [the] update and the initial set of definitions, a new variation of Mac Defender is in the wild. This one has a new name, Mdinstall.pkg, and it has been specifically formulated to skate past Apple's malware-blocking code." Update: And one day later, Apple has updated its malware definitions to detect the new version. MD's turn.
Thread beginning with comment 476103
Member since:

Simply run Snow Leopard as Standard User and uncheck the 'Open Safe Files' option in Safari, and you are in pretty good shape...oh, and, don't click on adverts from unknown sources. Beyond this, the whole issue is more like wet-dreams-in-Mom's-basement for those who dislike Apple and/or its 'smug' users.

The issue here is that a paranoid and well-trained sysadmin is not Apple's main target user for Mac OS X, so they should do something that helps solve the problem for an unskilled user.

I agree that once the user is lured into thinking that his computer is infected with malware and that clicking the link will download and install an antivirus, there's not much that can be done, even with the best security systems known as of today.

But MacDefender does some nasty things that could be addressed, though. As an example, it keeps running on boot if I'm not mistaken, without having asked for an admin password as part of its installation. This should be fixed. Software should not be allowed to do so much without root privileges, and asking the user for root privileges should be done in a visually strong way, that states how dangerous it is in a last valiant attempt to have the user get a clue.

Edited 2011-06-05 12:08 UTC

Reply Parent Score: 1

brichpmr Member since:

Apple's automatic updates detect and disable that junk; but beyond that, anyone can run Intego VirusBarrier x6 (as I and others do), and see that it would detect and quarantine/remove this crap reactively if necessary. I spend 10 hrs a day on my work Dell, so I'm immersed in both sides of the OS pond. In our heavily regulated enterprise, many of the techies (and the less savvy) are running Macs, and are not as naive as some here proclaim.
There are clueless sheep on Macs and PCs....obviously.

Edited 2011-06-05 12:15 UTC

Reply Parent Score: 1

Neolander Member since:

There are clueless sheep on Macs and PCs....obviously.

Of course, but isn't it one of the core design challenges of modern computers and operating systems to be usable by normal people?

Reply Parent Score: 1