Apple Quietly Goes After Mac Trojan With Update

Th'Inquisitor was one of several readers to point out coverage of Apple's stealth security fix, included along with the recent Snow Leopard 10.6.4 update. Graham Cluley of Sophos first noticed the update to protect Mac computers from a Trojan, and the fact that Apple didn't mention it in the release notes. The malware opens a back door to a Mac that can allow attackers to gain control of the machine and snoop about on it or turn it into a zombie. "You have to wonder," writes Cluley, "whether their keeping quiet about an anti-malware security update like this was for marketing reasons." While he certainly has a point that Apple benefits by its users' belief that the platform is secure, you also have to wonder whether any such publicity from a security company has a marketing subtext, as well.

Re:If they're trying to keep it secret

[Facegarden]

Why is the information publicly available? Why would most generic Mac users care to seek it on their own? Should Apple shove it in their face?

I would hardly call release notes for a bugfix "shoving it in their face."

It makes a lot of sense to say what you fixed in a bugfix, so people clearly know if a system needs a bugfix, or is safe.

Hiding it makes a lot of sense if you don't want to look bad, but is unhelpful to users who want to know if they need to update their systems or if it can wait.

This is probably more of an issue for enterprise users, and in that case their are fewer macs for sure, but its a good practice to be honest about what you're fixing, and covering that up is dishonest.
-Taylor

Re:You have to wonder?

Trojans aren't viruses.

Please list off all the viruses that will run on Snow Leopard.

Mac users are very fond of pointing out this distinction, leaving out that trojans and malware, and social engineering, these days are the overwhelming majority of Windows issues as well. The traditional virus is mostly a thing of the past.

Re:Let's get this out of the way, shall we?

[hairyfeet]

Actually funny you should say that, as I would say that most Windows users would be safer as they know there is malware for Windows and thus are more likely to have AV and Antimal. I had to clean up a few Macs infected with the "Mac Codec" DNSChanger awhile back, and I literally had to take them to a security site and show them a security report saying "This is Mac malware" because they completely refused to believe it was possible for a Mac to get malware, because that was what they had been told so often. One even got irate with me because "WTF is the point of spending all this money buying a Mac and a bunch of new stuff to go with it if I can still get infected!!!". I told him to go take it up with the guys at the Genius Bar, because I just fix boxes.

So I would say, especially with Windows 7 where there are features like ASLR, NX bit, and Windows Defender by default, that Windows users are probably safer because they know of the dangers out there. Many Mac users think they can run whatever they want and do anything because "Macs can't get bugs" and are therefor less likely to have good safety practices like have an AV or worry about updates. BTW all the guys that hope for a "Year of the Linux Desktop"? Guess what inevitably comes with clueless users? Can you say malware and headaches boys and girls? Believe me, I tried converting a "must click on teh pron!" Windows user to Linux once, he managed to break the OS in just three days. No matter the OS, stupid is as stupid does.

Re:One does not have to wonder

So you like it when the OS vendor pushes some software onto your system without any mention in the patch notes (which is the point of the article)? If so, you're posting on the wrong website.