Never Miss a Beat: Get a snapshot of the issues affecting the IT industry straight to your inbox.
January 5, 2010
2 Min Read
Apple included a feature in Snow Leopard that blocked two Trojan horse pieces of malware. According to Kaspersky Lab, however, the feature has not been updated with new malware signatures since Snow Leopard shipped.The anti-malware feature was the first time Apple has included such a security component in OS X and was welcomed as a sign the company was getting more serious about securing the operating system. It was always a limited feature, blocking only multiple variants of the OSX.RSPlug.A and OSX.Iservice Trojans and only when downloaded by specific Internet programs. But it was an indication that Mac users should probably start paying more attention to these sorts of threats.
Unfortunately, Apple doesn't seem to have sustained its interest much beyond that initial release. According to security evangelist Ryan Naraine, writing on the Kaspersky Lab ThreatPost news service, the feature has not yet been updated with any new malware signatures. Signatures are the malware "profiles" that enable security software to identify and block Trojans and other threats. Without updated signatures, Snow Leopard will not be able to do anything about new malware Mac users may encounter.
Naraine specifically cites "the growing list of DNS-Changer threats that specifically target the Mac operating system" as an example of malware that it'd be helpful to have signatures for. DNS-Changer Trojans, he writes, "are used to change the Macï¿¼s DNS server, a trick used by phishers to load fake Web pages and hijack valuable user data."
Personally, I haven't encountered any such malware, nor has my iAntiVirus software detected any threats. I haven't changed the position I staked out in September, that many of the alleged threats to Mac security are more theoretical than real. But I also haven't changed my recommendation that Mac-using businesses beef up their antimalware measures, just because it's the smart thing to do. I applauded Apple's decision to include such a feature in Snow Leopard, if only to heighten awareness of security issues in the Mac community. It would be unfortunate if the company's lack of follow-through lulls businesses back into a sense of complacency.
You May Also Like