Apple Quietly Goes After Mac Trojan With Update

Th'Inquisitor was one of several readers to point out coverage of Apple's stealth security fix, included along with the recent Snow Leopard 10.6.4 update. Graham Cluley of Sophos first noticed the update to protect Mac computers from a Trojan, and the fact that Apple didn't mention it in the release notes. The malware opens a back door to a Mac that can allow attackers to gain control of the machine and snoop about on it or turn it into a zombie. "You have to wonder," writes Cluley, "whether their keeping quiet about an anti-malware security update like this was for marketing reasons." While he certainly has a point that Apple benefits by its users' belief that the platform is secure, you also have to wonder whether any such publicity from a security company has a marketing subtext, as well.

Re:If they're trying to keep it secret

[phantomfive]

Hiding it makes a lot of sense if you don't want to look bad,

It's really hard for me to believe that's the reason they did it, given the number of ugly things they did announce, including a few bugs that give complete control of the computer just by opening a web page. They could have added a line about updating malware signatures, and if they worded it right, avoided the bad press (I mean, it's not like it's the first time there has been a trojan for OSX).

It is more likely that the internal communication processes at Apple got mixed up, and the people in charge of updating the malware signatures haven't gotten in contact with the people in charge of writing the release notes. I don't think that is an uncommon thing in large (and even small) companies.

Re:this is anything but new

[eihab]

Microsoft in the meantime has gotten much more agile and serious about fixing bugs when they're reported all the while bitching if someone dares go public too quickly for their taste ala Google.

Too quickly for their taste?

I don't know what world you live in where you can patch something as complicated as windows in five days.

Do you know how many versions and language combination of windows there are? Testing and QA that goes into it? Documentation?

It's not like your small little project where you fix a couple of lines and call it done you know.

And also, it wasn't "Google" per se, one of their security researchers did it, and according to his tweets he claims that this was done on his own time.

But sure, let's ignore the facts and label this as a clash of the titans.

Re:this is anything but new

[eihab]

Where in the world except for microsoft the languages is relevant for fixing up bugs or securing the CODE?

The world where you have to deal with RTL languages like Arabic and Hebrew where no matter how simple the patch is, something is bound to get broken.

That's not even considering that the bug was in the hcp:// protocol that's directly related to help/remote assistance and the control panel. How will the patch affect hcp://[slashdot ate my UTF-8 Arabic characters that spelled help]?

That said, I do not have access to the code and I do not know for sure if there are any il8n issues to consider, but make no mistake about it, Windows is not your freaking weekend project that you can fix/QA and push live in five days.

Look, I dislike Microsoft as much as the next guy, but Google's security researcher really didn't give them any chance here.

Had he reported it and it went unfixed for 3 months then I'd be rooting for him and bashing MS like there's no tomorrow. But any bug in a code base as complicated as windows cannot be humanly fixed in the time-frame he gave them.