Home » Apple luv, Mac, Software

Too late? Apple issues XProtect update for FlashBack trojan

30 November 2011 1,926 views 5 Comments

For whatever reason, security on the Mac, as a practical matter, is pretty good. Like Windows or Linux, however, there are plenty of exploitable ways to get into a Mac. Though few people seem interested in doing the required legwork, it’s wrong to say we’re virus proof.

A case in point is the FlashBack trojan, which is known to be spread via infected copies of GraphicConverter and Pixelmater distributed by warez sites. The take away here? Don’t download pirated software, especially when you can get it for free legally.

Thereupon, it bears repeating that GraphicConvertor is shareware and can be downloaded for free. Similarly, you can download a 30-day demo of Pixelmator direct from the developer.

More than a little scary

The one thing about the most recent version of the FlashBack trojan that makes it different than other trojans is that it disables XProtect malware blocker, which is integrated into OS X 10.6.4 and later. In other words, OS X’s one active defense against trojans can be defeated by FlashBack.

Not good.

However, Apple has issued an XProtect update that blocks FlashBack and you can use Adam Christianson’s Safe Download Version to check (image above) that you have the latest version. Given that this trojan in its various iterations has been making the rounds for months, the update is arriving late for some, probably a relative handful of users.

Is Apple doing enough to keep us safe?

5 Comments »

  • Jack said:

    Only trojans for OS X. There are no viruses, so it is correct to say OS X is virus proof.

    # 30 November 2011 at 1:15 pm
  • doug said:

    They seem to be doing enough, just simply because we are talking about only a handful of people who were caught. When the threat level was high they responded daily with fixes (compromised google search results) but when the threat is lower, responding within a couple weeks is probably fine. It still leaves little time for the code to get established, and should make it hard for a hacker to make much money.

    If there is no money in attacking the Mac, nobody will attack it.

    Two men are in the woods and a hungry bear approaches their camp site. The first man grabs his shoes and starts lacing them up. The second man condescendingly looks over at him and says, you idiot! A bear can run at speeds of over 30 mph. You can’t possibly out run it. To which the first man replied. “I don’t have to out run the bear…..I just have to out run you!”

    It may be a cold attitude, but it is what it is. Apple doesn’t have to out run the virus writers, hey just need to out run Microsoft.

    I’d say they are doing it.

    # 30 November 2011 at 6:19 pm
  • What's new in Mac OS X 10.7.3 | FairerPlatform said:

    [...] related news, Safe Download Version reports that Apple updated Xprotect definitions on Thursday, January 19 to version [...]

    # 2 February 2012 at 1:01 am
  • Java for OS X Lion 2012-002, Apple has another go | FairerPlatform said:

    [...] if Apple’s on the stick or not is to check. An easy way to do that is to download and run Adam Christianson’s Safe Download Version, which is [...]

    # 6 April 2012 at 12:49 am
  • Mac Security: XProtect Update Obviates Java Exploit - FairerPlatform said:

    [...] Apple delivered via a background push update on Thursday, January 10, get Adam Christenson’s Safe Download Version (image [...]

    # 14 January 2013 at 1:32 am

Leave your response!

Add your comment below, or trackback from your own site. You can also subscribe to these comments via RSS.

Be nice. Keep it clean. Stay on topic. No spam.