OFFICIAL SECURITY BLOG

We’ve moved! You can now read the latest and greatest on Mac adware and malware at Malwarebytes.

How to prepare your Mac for sale

Posted on November 10th, 2012 at 4:18 PM EST

People sell their computers all the time. Unfortunately for the buyers, this is often done improperly, leaving the buyer with a junk computer that isn’t working properly… sometimes even containing malware! For the seller, such improper preparation is a danger as well, as the buyer may be able to access sensitive data left unknowingly on the machine. Proper security is important to both parties. (As the seller, you may not be terribly concerned about the buyer’s feelings, but keep in mind that the price you get when selling on sites like eBay can depend on how satisfied previous buyers were with you as a seller.) With just a little work, you can clean the machine up, preventing all of these issues, prior to sale.
Read the rest of this entry »

13 Comments

New Java update addresses more vulnerabilities

Posted on June 13th, 2012 at 9:22 PM EDT

Apple has released another Java update, patching a number of new vulnerabilities.  Full details on the vulnerabilities can be found on Oracle’s web site.  Although there are no malware exploits currently known to be using those vulnerabilities on a Mac, I still advise updating immediately.  Keep in mind that when the vulnerabilities are patched, that essentially gives malware authors a road map for where to strike at unpatched machines, making you far more vulnerable than you were before.  To update, simply run Software Update and install the Java update.  Updates are only available for users of Snow Leopard (Mac OS X 10.6) and Lion (Mac OS X 10.7).

This post is more than 30 days old and has been locked. No further comments are allowed.

New Mac malware abounds

Posted on April 25th, 2012 at 12:27 PM EDT

Several new malware programs have appeared for the Mac in the last week or so, bringing the grand total of new Mac malware in the first four months of 2012 to 5, compared to 6 for all of 2011.*  This increase in Mac malware is a concerning trend, and is making for lots of juicy news stories in the media.  But how much do Mac users really need to worry about this?  That’s a hard question to answer, since every individual will have a different threshold for worry, but let’s start with some facts.
Read the rest of this entry »

8 Comments

Confusion abounds over Apple’s Flashback removal tool

Posted on April 17th, 2012 at 10:32 AM EDT

Many users are confused by Apple’s updates that address Flashback.  They are uncertain which one is appropriate for their computer and are left wondering where the tool is installed and how to run it.  Even some Mac experts are confused, some of them even posting erroneous information online, which isn’t helping things.  Add Apple’s inconsistent naming scheme for these updates and vague documentation and it has become a huge source of frustration for many.  Fortunately, there are very easy answers to these questions.
Read the rest of this entry »

This post is more than 30 days old and has been locked. No further comments are allowed.

Apple update removes Flashback

Posted on April 12th, 2012 at 10:10 PM EDT

Apple released a pair of Java updates today, one for Lion and one for Snow Leopard, that not only patch Java, but also remove Flashback if it happens to be installed. All users of those systems should immediately download and install Java for OS X Lion 2012-003 or Java for Mac OS X 10.6 Update 8.
Read the rest of this entry »

This post is more than 30 days old and has been locked. No further comments are allowed.

Do I need a firewall?

Posted on June 5th, 2011 at 4:24 PM EDT

Firewalls have always been poorly understood, even by knowledgeable people. With the recent upsurge in Mac malware, there has been a lot of questionable advice circulating, some of which related to firewalls. People are recommending firewalls for avoiding malware, blocking hackers, preventing spam and any number of other things.  Some of these recommendations have some validity and some do not…  but how is the average user to know the difference?
Read the rest of this entry »

This post is more than 30 days old and has been locked. No further comments are allowed.

Apple releases security update for MacDefender

Posted on May 31st, 2011 at 7:22 PM EDT

Apple released Security Update 2011-003 today, addressing the MacDefender issue.  According to Apple’s documentation on this update, there are three basic additions to assist in dealing with the MacDefender outbreak.  Before reading further, it may be worthwhile to read my Mac Virus Guide, to understand some of the fundamental ideas involved, and Apple’s own document on quarantine.


Read the rest of this entry »

1 Comment

Apple responds to MacDefender

Posted on May 24th, 2011 at 9:27 PM EDT

Apple posted their own support document today, titled How to avoid or remove Mac Defender malware, in which they describe how to respond to this malware.  Their removal instructions are essentially identical to what I’ve outlined in Identifying and removing MacDefender trojans, which should be reassuring to those who have followed my guidelines.  Even more reassuring is the fact that the article refers to a soon-to-come software update to help combat MacDefender and its variants.  Whether this will come in the form of another update to Quarantine or whether they plan to develop a different response to this particular threat is something that only time will tell.  Regardless, this promise of action should ease users’ minds, especially in the wake of rumors that Apple support techs have been told not to handle MacDefender issues, though some may criticize Apple for not taking swifter action.

This post is more than 30 days old and has been locked. No further comments are allowed.