SecurityTracker.com
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 


Category:   OS (UNIX)  >   Apple macOS/OS X Vendors:   Apple
Mac OS X Updates File Quarantine and Malware Removal Components
SecurityTracker Alert ID:  1025582
SecurityTracker URL:  http://securitytracker.com/id/1025582
CVE Reference:   GENERIC-MAP-NOMATCH   (Links to External Site)
Date:  May 31 2011
Impact:   Modification of system information
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): 10.6.7
Description:   A security issue was reported in Mac OS X. A local user may install malware that is not defined in the File Quarantine definitions.

Apple has added a definition for the 'OSX.MacDefender' malware to the File Quarantine function and has updated the function to check for new definitions on a daily basis.

Apple has added the capability to remove the 'OSX.MacDefender' malware to the Malware removal function.

[Editor's note: This Alert does not cover a vulnerability. However, Apple issued a Security Advisory and Security Update, so we have issued an Alert.]

Impact:   A local user may install malware that is not defined in the File Quarantine definitions.
Solution:   The vendor has issued a security update (APPLE-SA-2011-05-31-1 Security Update 2011-003).

For Mac OS X v10.6.7 and Mac OS X Server v10.6.7
The download file is named: SecUpd2011-003Snow.dmg
Its SHA-1 digest is: 07843c32a8b367fbe4318bdf22dd98013a91cd51

The vendor's advisory is available at:

http://support.apple.com/kb/HT1222

[Editor's note: This Alert does not cover a vulnerability. However, Apple issued a Security Advisory and Security Update, so we have issued an Alert.]

Vendor URL:  www.apple.com/ (Links to External Site)
Cause:   Not specified

Message History:   None.


 Source Message Contents

Subject:  APPLE-SA-2011-05-31-1 Security Update 2011-003

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

APPLE-SA-2011-05-31-1 Security Update 2011-003

Security Update 2011-003 is now available and addresses the
following:

File Quarantine
Available for:  Mac OS X v10.6.7, Mac OS X Server v10.6.7
Impact:  Definition added
Description:  The OSX.MacDefender.A definition has been added to the
malware check within File Quarantine. Information on File Quarantine
is available in this Knowledge Base article:
http://support.apple.com/kb/HT3662

File Quarantine
Available for:  Mac OS X v10.6.7, Mac OS X Server v10.6.7
Impact:  Automatically update the known malware definitions
Description:  The system will check daily for updates to the File
Quarantine malware definition list. An opt-out capability is provided
via the "Automatically update safe downloads list" checkbox in
Security Preferences. Additional information is available in this
Knowledge Base article: http://support.apple.com/kb/HT4651

Malware removal
Available for:  Mac OS X v10.6.7, Mac OS X Server v10.6.7
Impact:  Remove the MacDefender malware if detected
Description:  The installation process for this update will search
for and remove known variants of the MacDefender malware. If a known
variant was detected and removed, the user will be notified via an
alert after the update is installed. Additional information is
available in this Knowledge Base article:
http://support.apple.com/kb/HT4651

For Mac OS X v10.6.7 and Mac OS X Server v10.6.7
The download file is named: SecUpd2011-003Snow.dmg
Its SHA-1 digest is: 07843c32a8b367fbe4318bdf22dd98013a91cd51

Information will also be posted to the Apple Security Updates
web site: http://support.apple.com/kb/HT1222

This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.9 (Darwin)

iQEcBAEBAgAGBQJN5RyEAAoJEGnF2JsdZQeeK9cH/AgUZm98vD1jyuGHCUOeAOJ7
txC235nzCRwBsD6cCYtqko7VpgVruejtIaWNGGWo+YjS+qp6SWgn5egZ2JRaydPH
alzIrzxvXr0kLphx3yvKxCJFqfS5sd+sAApVMG55cpRmTRRe7OqRAtjD10Q/KCJT
gVGbX4QPvLiLnmV7FB76yXUtENNX2mjo3whrkFRpfv0ahBCGibGNzc6/UsFreVo9
dONLrSbf+at7zHQ7RggfExxEKNPZKD4Mj27t5TPoqPewz4tzByZho/hByL6qjr9C
AZ1wvTb1PvNFbnN/jDKfpFHJZQZAIPXv+T9Jb8A9bCNOULalvdNz+zbTtm6PtfM=
=Iw7c
-----END PGP SIGNATURE-----
 _______________________________________________
Do not post admin requests to the list. They will be ignored.
Security-announce mailing list      (Security-announce@lists.apple.com)
 
 


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2019, SecurityGlobal.net LLC