New “MAC Defender” malware variant surfaces, works way around recent security update

Posted by:
Date: Thursday, June 2nd, 2011, 04:10
Category: News, security, Software

Only one day after Apple released a security update for Mac OS X to address the “MAC Defender” malware, a new variant of the bogus antivirus software has been spotted in the wild.

Per ZDNet, the new variation of MAC Defender, named “Mdinstall.pkg,” has been crafted to bypass the new malware-blocking code made available by Apple. That update for Mac OS X, Security Update 2011-003, was released on Tuesday.

“The file has a date and time stamp from last night at 9:24PM Pacific time,” Bott wrote. That’s less than 8 hours after Apple’s security update was released. On a test system using Safari with default settings, it behaved exactly as before, beginning the installation process with no password required.

“As PC virus experts know, this cat-and-mouse game can go on indefinitely. Your move, Apple.”

Security Update 2011-003 included changes to the File Quarantine feature found in Mac OS X 10.6 Snow Leopard. It includes anti-malware definitions within the operating system itself, and examines external files downloaded within Mail, iChat, Safari, or other quarantine-aware applications.

The MACDefender malware first gained attention in early May, when it was spotted by an antivirus company. The program automatically downloads in Web browsers through JavaScript and originally required users to enter an administrator password, but a more recent variant does not ask for a password.

Some reports have suggested that the “MAC Defender” malware has spread quickly, with Bott earlier citing an anonymous AppleCare representative that apparently said the “overwhelming majority” of recent calls to Apple were related to the malware. Last week, Apple posted instructions on its site informing users on how to remove the malware.

Stay tuned for additional details as they become available.

New version of “Mac Defender” malware found, lacks administrator password requirement

Posted by:
Date: Thursday, May 26th, 2011, 03:05
Category: News, security, Software

Somewhere, the guys who created this program really DO have a bridge to try and sell you…

Per security firm Intego, a new, more dangerous variant of “MAC Defender,” dubbed “Mac Guard,” has been discovered, the new malware variant lacking the requirement of an administrator password to install.

The discovery was announced on Wednesday, the company commenting that “the first part is a downloader, a tool that, after installation, downloads a payload from a web server,” the security firm said.

“As with the Mac Defender malware variants, this installation package, called avSetup.pkg, is downloaded automatically when a user visits a specially crafted web site,” the firm continued.

No administrator’s password is required to install the application, and if users have Safari’s “Open ‘safe’ files after downloading option checked, the package will open Apple’s Mac OS X installer, and users will see a standard installation screen. However, at this point users must still agree to install the “MAC Defender” malware.

The second part of the malware is a new version called “MacGuard.” The avRunner application automatically downloads “MacGuard,” which, like its predecessor, aims to trick users into providing credit card numbers in exchange for supposedly ridding a users’ systems of “infected” files for a given license fee.

This week, Apple posted a support document on its web site explaining how to remove the “MAC Defender” malware. The company also revealed it will release an update to its Mac OS X operating system that will automatically find and remove the malware.

Some reports have suggested that the “MAC Defender” malware has spread quickly, with one anonymous AppleCare representative claiming that the “overwhelming majority” of recent calls to Apple were related to the malware. The software was first discovered early this month, also by Intego.

While the original variant was categorized as a “low” threat because it requires users to type in an administrator password, the latest version is considered more dangerous, and was ranked with a “medium” risk.

The malware has spread through search engines like Google via a method known as “SEO poisoning.” Using this technique, phony sites are designed to game search engine algorithms and show up when users search for certain topics.

Apple posts support document describing how to remove Mac Defender phishing software

Posted by:
Date: Wednesday, May 25th, 2011, 05:13
Category: News, Software

Apple has posted a support document explaining how to “avoid or remove” the infamous Mac Defender program and stated it would release an update to Mac OS X to automatically find and remove the malware.

The new support document describes the malware as a phishing scam that redirects users from legitimate websites to “fake websites which tell them that their computer is infected with a virus.”

The websites then offer phony antivirus software for a license fee between US$59.95 and US$79.95 to solve the problem, under the names Mac Defender, Mac Protector and Mac Security, often with MAC spelled in all caps.

Per AppleInsider, Apple’s removal steps detail quitting the offending app and deleting it from the Utilities folder it is installed into by default. The primary damage caused by the malware is to nag the user for their credit card information in an attempt to sell them a solution to a nonexistent problem.

Windows PC pundits, have made highly publicized reports of the Mac Defender malware, suggesting it is evidence that Macs are now experiencing malware and virus problems comparable to those experienced by Windows users over the past two decades.

Security expert Charlie Miller, who has regularly won security contests demonstrating Mac exploits, has downplayed that real threat of the few Mac malware titles that have surfaced, recently noting in an interview that “Microsoft recently pointed out that 1 in 14 downloads on Windows are malicious. And the fact that there is just one piece of Mac malware being widely discussed illustrates how rare malware still is on the Mac platform.”

Miller explained that while antivirus software can help protect your system from being infected, he also countered that “it’s expensive, uses system memory and reduces battery life,” stating, “At some point soon, the scales will tip to installing antivirus, but at this point, I don’t think it’s worth it yet for most people.”

Apple recommends that Mac users “should exercise caution any time they are asked to enter sensitive personal information online” and notes that it “provides security updates for the Mac exclusively through Software Update and the Apple Support Downloads site.”

The Mac Defender scam presents a phony website scanner with an appearance modeled after iTunes, and depicts itself as being an “Apple security center,” apparently modeled after the “Windows Security Center” Microsoft added to its own product.

Because the phony web page and its popups are tied to the browser, they do not look native alerts from Mac OS X. The scam site is also unable to install the malware without the user supplying an administrative password. Even so, hundreds of users have been duped by the scam, although the outbreak appears to be more of a nagware annoyance than a serious security problem.

In other news, the developers of Mac Defender also have a bridge they’d like to sell you…

Orange CEO divulges details, says next-gen iPhone to be smaller and thinner

Posted by:
Date: Tuesday, May 24th, 2011, 08:44
Category: iPhone, News

If you’re wondering as to the specs of the next-generation iPhone…it’ll be smaller and thinner.

Or at least according to The CEO of France Telecom, who, as cited in an article on All Things Digital, stated that Apple will use a new, smaller SIM card in order to reduce the size of the handset.

Orange has hinted that Apple wanted to use smaller SIM cards before but apparently the network operator has managed to persuade Apple not to adopt an e-SIM system.

The e-SIM would be an embedded chip within the handset that would not be removeable – something that Orange and other network operators were unhappy with. The new, smaller SIMs are a compromise.

“All of us told them it was a bad idea because the SIM card is a critical piece of the security and authentication process. It would be very difficult for a telco or carrier to manage the customer relationship. I think that they understood this point. We had a very constructive exchange and dialogue with them,” said France Telecom CEO Stephane Richard.

“We are going to work with them in order to standardize a new format of SIM which takes into account our needs with security and authentication and also is compatible with their wishes in terms of size. I understood that the next iPhone would be smaller and thinner and they are definitely seeking some space,” he continued.

Richard is also wary of the power the Apple wields with its App Store. Other handset manufacturers allow Orange to pre-load its apps on to mobile phones sold on its network, though this is not possible with Apple.

“We still are in a position to bring those apps to our customers through the app stores, provided clearly we have access to the App Store. The problem is the day when Apple says ‘I don’t want this one’,” he said.

The interview is unusually frank and may lead to some consequences, as network operators have been punished by Apple in the past for giving away information about the company’s future plans.

Skype updated to 5.1.0.935, resolves security flaw

Posted by:
Date: Tuesday, May 10th, 2011, 04:56
Category: News, Software

skypelogo.jpg

On Monday, version 5.1.0.935 of Skype went public. The new version, a 20.2 megabyte download, resolves a security issue that could allow hackers to gain control of a Mac via a maliciously crafted Skype message. The vulnerability made headlines last week when a security researcher publicized the issue. In response, Skype promised that an update would come early this week.

Skype 5.1.0.935 requires Mac OS X 10.5.8 or later to install and run.

Mozilla releases Firefox 4.0.1 update

Posted by:
Date: Friday, April 29th, 2011, 04:53
Category: News, Software

elfirefox

Late Tuesday, Mozilla.org released version 4.0.1 of its Firefox web browser. The new version stands as an 26.8 megabyte download offered the following fixes and changes:

- Fixed several security issues.

- Fixed several stability issues.

Firefox 4.0 requires an Intel-based Mad and Mac OS X 10.5 or later to install and run.

If you’ve tried the new version and have any feedback, let us know.

Adobe Reader, Adobe Reader Pro updated to 10.0.3

Posted by:
Date: Thursday, April 21st, 2011, 09:50
Category: News, Software

On Thursday, Adobe released version 10.0.3 of its Adobe Reader application. The update, which can also be snagged through the Adobe Update Utility, adds the following fixes and changes:

- Addresses critical security vulnerabilities while providing more stability. Adobe always recommends that you install the latest security updates.

Acrobat Reader 10.0.3 and Acrobat Pro requires an Intel-based processor and Mac OS X 10.4 or later to install and run.

If you’ve tried the new versions and noticed any differences, please let us know what you think.

Rumor: iOS 4.3.2 to feature FaceTime, Verizon iPad, WebKit fixes and changes

Posted by:
Date: Tuesday, April 12th, 2011, 03:31
Category: iPhone, Rumor, Software

If iOS 4.3.1 is driving you mildly nuts, there’s hope down the line.

Per Boy Genius Report, Apple is rumored to issue its next mobile operating system update, iOS 4.3.2, for the iPhone and iPad in the next week, addressing problems with FaceTime and connectivity issues related to the Verizon iPad 2.

The web site allegedly obtained an early copy of the iOS 4.3.2 software and loaded it on an iPhone, but apparently didn’t notice any standout changes with the incremental software update. Even so, a tipster reportedly said that the new software will pack a fix for FaceTime, as well as security fixes for WebKit vulnerabilities, among other minor changes.

The update is also said to resolve connectivity issues with the Verizon CDMA iPad 2. Last Friday, Apple said in a statement that it is looking into connection problems users have reported with the 3G-capable Verizon iPad 2. The issues have not been reported by users of the AT&T-compatible 3G iPad 2.

Rumors of an iOS 4.3.2 update first surfaced earlier this month. It was said that the security and maintenance update would include bug fixes, but no additional details were given at the time.

iOS 5.0 is expected to be unveiled at the Worldwide Developers Conference, scheduled to kick off June 6 in San Francisco, Calif. Apple has said that this year’s conference will be used to “unveil the future of iOS,” and rumors have indicated that Apple will preview iOS 5, but will not announce a new iPhone as it has done in years past.

Stay tuned for additional details as they become available.

Rumor: Apple to release iOS 4.3.2 in next couple of weeks

Posted by:
Date: Friday, April 8th, 2011, 04:06
Category: iPhone, Rumor, Software

Apple is rumored to be prepping another incremental update to its mobile operating system in the form of iOS 4.3.2 within the next few weeks, the update having been said to include bug fixes and enhancements.

Per Boy Genius Report, the company is currently working on iOS 4.3.2 for the iPhone, iPad and iPod touch. Tipsters allegedly indicated that the software will arrive in about two weeks.

“It’s said to include a few enhancements, address security issues, and it will also fix several bugs that have affected users,” the report said. It provided no specifics on what bugs or improvements the update might include.

The same site reported on iOS 4.3.1 in March, and said it would also arrive within two weeks. The actual software arrived just four days later, and was a minor release with fixes for cellular networks and a resolution for an occasional graphics glitch on the fourth-generation iPod touch.

Apple has already revealed that it will “unveil the future of iOS” at this year’s Worldwide Developers Conference in San Francisco, scheduled to start on June 6. It is widely believed that Apple will officially unveil the next major update for its mobile operating system, iOS 5, at that event, though rumors have suggested the company has no intention of showing off new iPhone hardware, as it has done in years past.

Stay tuned for additional details as they become available.

Office for Mac 2011 Service Pack 1 expected next week

Posted by:
Date: Thursday, April 7th, 2011, 04:20
Category: News, Software

You’ve had your mitts on Office for Mac 2011 and gotten to know the suite inside and out.

As of next week, it might be going through some changes.

Per Microsoft’s Office for Mac blog, the company is set to release Service Pack 1 for Office for Mac 2011 next week, bringing the usual fixes, as well as new features and enhancements, including the ability to sync calendar, tasks and notes via Apple’s Sync Services.

“This will let you sync your Outlook calendar as well as contacts, notes and tasks with any service or device that supports Sync Services, including your iPhone and iPad,” wrote Pat Fox, senior director of product management for Office for Mac. “This has been one of our top feature requests — hopefully this is good news to many of you.”

However, Apple also plans to discontinue the use of Mac OS X Sync Services with its subscription MobileMe service starting on May 5 for all users. The change is already in place for users who have already moved their account to the new version of MobileMe calendar, which came out of beta last October.

For Outlook for Mac 2011 users who sync their iOS device with Sync Services via iTunes, calendars will remain up to date. But users who sync their iPhone or iPad calendars with MobileMe will not have them synced to Outlook 2011 with SP1.

Fox also revealed that SP1 will bring Outlook support for Exchange based on server-side rules. A new Outlook Redirect button will also allow users to redirect a message to the intended recipient while replies will go to the original sender.

Other new additions include an Outlook Resend button, Outlook edit of existing messages, and Solver integration support in Excel. SP1 will also provide increased stability and security.

Stay tuned for additional details as they become available and if you have any thoughts on Office 2011, let us know in the comments.