MacDefender security patch
June 2, 2011
Posted by on
Yesterday (01/06/2011) I received an Apple security Update email advising that update 2011-003 was available for Mac OS X v10.6.7 & Mac OS X Server v 10.6.7.
The details of the mail advise that Apple have added details of the recent OSX.MacDefender.A malware to the definitions used by the File Quarantine (used when downloading files using Safari and some other applications within OS X)
In addition to this, Apple have now enabled a daily update feature for the File Quarantine malware definitions, this download is enabled by standard but can be enabled/disabled via Security Preferences.
Included with this update is a routine to check for and remove MacDefender (or known variants) if found on a system. Users will be prompted on reboot of the system if any such files are found.
As the update shows, this is only for the latest version of OS X so users should ensure that they have run Software Update to endure that their system is up to date before this update can be run.
Apple have not released details for later versions of OS X, so if you are running an older version, make sure that you disable the “Open ‘safe’ files after downloading” option in Safari (see my posting on MacDefender ) and if you have run the MacDefender / MacGuard (or other variant) I would suggest running ClamXav, which is a great fee virus checker for OS X.
For further details on File Quarantine see Apple Knowledge Base article at http://support.apple.com/kb/HT3662
For details of update see Apple Knowledge Base article at http://support.apple.com/kb/HT4651
For further details please see Apple Security Update web site.