Kaspersky’s Marco notes that the latest update to Snow Leopard (10.6.7) includes a silent update to Apple’s minimalist XProtect antivirus facility, which is able to detect three examples of Mac-targeting malware (including some variants), if it happens to be looking that way at the time.
Specifically (using Kaspersky names):
- OSX.RSPlug
- OSX.Iservice
- OSX.HellRTS
And now, OSX.Opinionspy, about which we blogged several times in June 2010. It must be a very pleasant, leisurely pursuit, being a malware researcher at Apple.
I note that McAfee’s Francois Paget has put together an interesting analysis of the latest patch and how it relates to CVE vulnerability IDs: see http://blogs.mcafee.com/mcafee-labs/busy-month-for-apple.
And Larry Seltzer notes that “One of the vulns fixed in today’s Mac OS update is CVE-2006-7243. Yes, that’s 2006.”
While Vupen tell us that “Apple Mac OS X 10.6.7 does NOT fix our Safari Pwn2own exploit. The flaw used by @0xcharlie to pwn iPhone was present in Mac and is now fixed.”
David Harley
Leave a Reply