May 5, 2024

Mac Defender Malware Mutates to Bypass Apple Security Update

Posted June 1, 2011 at 12:51pm by iClarified
A new version of the Mac Defender malware that bypasses Apple's new security update is already in the wild, according to a ZDNet report.

The bad guys have wasted no time. Hours after Apple released this update and the initial set of definitions, a new variation of Mac Defender is in the wild. This one has a new name, Mdinstall.pkg, and it has been specifically formulated to skate past Apple’s malware-blocking code.

The file has a date and time stamp from last night at 9:24PM Pacific time. That’s less than 8 hours after Apple’s security update was released.


Yesterday, Apple released Security Update 2011-003 to detect and remove the Mac Defender software and its variants. Notably, Apple introduced a new background process with the update that automatically updates virus definitions daily.

Apple maintains a list of known malicious software that is used during the safe download check to determine if a file contains malicious software. The list is stored locally, and with Security Update 2011-003 is updated daily by a background process.

If you do not wish to receive these updates, you can disable daily update by unchecking 'Automatically update safe downloads list' in the Security pane, in System Preferences. This option appears in Security preferences after Security Update 2011-003 is installed.


It will be interesting to see how fast Apple responds to this variant...
