FreakoutITGeek's Blog

Random IT postings from Freakz

MacDefender security patch

Yesterday (01/06/2011) I received an Apple security Update email advising that update 2011-003 was available for Mac OS X v10.6.7 & Mac OS X Server v 10.6.7.

The details of the mail advise that Apple have added details of the recent OSX.MacDefender.A malware to the definitions used by the File Quarantine (used when downloading files using Safari and some other applications within OS X)

In addition to this, Apple have now enabled a daily update feature for the File Quarantine malware definitions, this download is enabled by standard but can be enabled/disabled via Security Preferences.

Included with this update is a routine to check for and remove MacDefender (or known variants) if found on a system. Users will be prompted on reboot of the system if any such files are found.

As the update shows, this is only for the latest version of OS X so users should ensure that they have run Software Update to endure that their system is up to date before this update can be run.

Apple have not released details for later versions of OS X, so if you are running an older version, make sure that you disable the “Open ‘safe’ files after downloading” option in Safari (see my posting on MacDefender ) and if you have run the MacDefender / MacGuard (or other variant) I would suggest running ClamXav, which is a great fee virus checker for OS X.

For further details on File Quarantine see Apple Knowledge Base article at

For details of update see Apple Knowledge Base article at

For further details please see Apple Security Update web site.


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

%d bloggers like this: