Re: [Fed-Talk] Snow Leopard's Malware Detector
Re: [Fed-Talk] Snow Leopard's Malware Detector
- Subject: Re: [Fed-Talk] Snow Leopard's Malware Detector
- From: Stacey Son <email@hidden>
- Date: Thu, 27 Aug 2009 12:49:45 -0500
Hi Todd:
Two whole signatures... wow! :-) I am a little surprised apple included the signature for the one that is embedded in the pirated iWork software.
Another interesting (I believe, security) feature which was added in safari 4 was that plugins run as separate processes. I have seen this mentioned in a few blog postings. I haven't check this yet but I would assume that apple uses a more restrictive "sandbox" for the safari plugin processes.
Some of the other new security features we can't talk about until at least after Friday.
-stacey.
On Aug 27, 2009, at 11:34 AM, Todd Heberlein wrote: Macworld has an article on the embedded malware detector that comes in Snow Leopard. I love the fact that the signature set contains only two definitions, and one of those is for a two year old malware. :) Its good to be on a Mac.
Inside Snow Leopard's hidden malware protection ... "In Snow Leopard, Apple has enhanced File Quarantine to also check files against known malware, pulling from a list of malware definitions at System/Library/Core Services/CoreTypes.bundle/Contents/Resources/XProtect.plist. As of this writing, the file contains only two definitions: theOSX.RSPlug.A Trojan Horse, first discovered in 2007, and theOSX.iService malware embedded in the pirated iWork installer mentioned earlier."
|
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden