Tuesday, May 31, 2011

Mac OS X Snow Leopard and malware detection

Mac OS X Snow Leopard and malware detection

"Malware" is an abbreviated term for malicious software. Malware includes viruses, worms, trojan horses, and other types of software that can damage the software on your system or violate your privacy. Malware can be installed on your computer when you download content or applications from the Internet, via email, text messaging, or websites. Mac OS X v10.6 Snow Leopard checks for known malware and alerts you so that you do not accidentally install it on your system.

Files downloaded via applications such as Safari, iChat, and Mail are checked for safety at the time that they are opened. If a file is identified as containing known malware, the system will display a dialog that alerts you to move it to the Trash. You should empty the Trash to finalize the removal of the file.

Apple maintains a list of known malicious software that is used during the safe download check to determine if a file contains malicious software. The list is stored locally, and with Security Update 2011-003 is updated daily by a background process.

If you do not wish to receive these updates, you can disable daily update by unchecking "Automatically update safe downloads list" in the Security pane, in System Preferences. This option appears in Security preferences after Security Update 2011-003 is installed.

Security Update 2011-003 provides additional protection by checking for the MacDefender malware and its known variants. If MacDefender malware is found, the system will quit this malware, delete any persistent files, and correct any modifications made to configuration or login files. After MacDefender is identified and removed, the message below will be displayed the next time an administrator account logs in.

Thursday, May 26, 2011

Outline of May 26, 2011 NCC-Mac Meeting


If you're a new attendee, please give us your email address so you'll be able to get meeting announcements. If you're a former Verizon email user, please give us your new address.


MacDefender Malware


Some of Apple's software updated since the March meeting

Run Software Update or visit Apple - Support - Downloads

Canon Printer Drivers v2.5 for Mac OS X v10.6

This update installs the latest software for your printer or scanner.

April 13, 2011 - 307.23 MB

Security Update 2011-002 (Leopard - Client)

Security Update 2011-002 is recommended for all users and improves the security of Mac OS X. Previous security updates have been incorporated into this security update.

April 14, 2011 - 241.35 MB

Security Update 2011-002 (Snow Leopard)

Security Update 2011-002 is recommended for all users and improves the security of Mac OS X. Previous security updates have been incorporated into this security update.

April 14, 2011 - 4.43 MB

Safari 5.0.5

This update is recommended for all Safari users and includes the latest security updates.

April 14, 2011 - (46.83 MB Snow Leopard) (52.59 MB QuickTime) (33.97 MB Windows) (46.83 MB Leopard)

iTunes 10.2.2

iTunes 10.2.2 provides a number of important bug fixes and several new features and improvements.

April 18, 2011 - 75.59 MB (Mac) 77.13 MB (Win 32) 78.01 MB (Win 64)

iMac Hard Drive Firmware Update 1.0

This firmware update fixes a hard drive issue that may prevent some iMac (21.5-inch and 27-inch, Mid 2010) systems from booting properly.

April 25, 2011 - 767 KB

Snow Leopard Font Update

The Snow Leopard Font Update addresses issues displaying and printing certain OpenType fonts and is recommended for all Mac OS X v10.6.7 users.

April 26, 2011 - 3.77 MB

iPhoto 9.1.3

This update fixes a problem that could cause some events merged in iPhoto to be split back into multiple events on iOS devices after being synced.

May 11, 2011 - 106.29 MB

Digital Camera RAW Compatibility Update 3.7

This update adds RAW image compatibility to Aperture 3 and iPhoto '11.

May 17, 2011 - 6.62 MB

ProKit 7.0 (Snow Leopard 10.6.6 and later)

This ProKit Update fixes minor issues and is recommended for users of Final Cut Pro, Motion, Soundtrack Pro, DVD Studio Pro, iPhoto, Aperture, Final Cut Express, Logic Pro, MainStage, Logic Express and iAd Producer.

May 17, 2011 - 15.7 MB

The next meeting will be held Thursday, June 30, 2011, 4:30 PM at the Langlois Library.

(subject to confirmation)

A Trip Down Memory Lane

Q&A, General Discussion

Wednesday, May 25, 2011

How to avoid or remove Mac Defender malware

How to avoid or remove Mac Defender malware

A recent phishing scam has targeted Mac users by redirecting them from legitimate websites to fake websites which tell them that their computer is infected with a virus. The user is then offered Mac Defender "anti-virus" software to solve the issue.

This "anti-virus" software is malware (i.e. malicious software). Its ultimate goal is to get the user's credit card information which may be used for fraudulent purposes.

The most common names for this malware are MacDefender, MacProtector and MacSecurity.

In the coming days, Apple will deliver a Mac OS X software update that will automatically find and remove Mac Defender malware and its known variants. The update will also help protect users by providing an explicit warning if they download this malware.

In the meantime, the Resolution section below provides step-by-step instructions on how to avoid or manually remove this malware.


How to avoid installing this malware

If any notifications about viruses or security software appear, quit Safari or any other browser that you are using. If a normal attempt at quitting the browser doesn't work, then Force Quit the browser.

In some cases, your browser may automatically download and launch the installer for this malicious software. If this happens, cancel the installation process; do not enter your administrator password. Delete the installer immediately using the steps below.

  1. Go into the Downloads folder or your preferred download location.
  2. Drag the installer to the Trash.
  3. Empty the Trash.

How to remove this malware

If the malware has been installed, we recommend the following actions:

  • Do not provide your credit card information under any circumstances.
  • Use the Removal Steps below.

Removal steps

  • Move or close the Scan Window
  • Go to the Utilities folder in the Applications folder and launch Activity Monitor
  • Choose All Processes from the pop up menu in the upper right corner of the window
  • Under the Process Name column, look for the name of the app and click to select it; common app names include: MacDefender, MacSecurity or MacProtector
  • Click the Quit Process button in the upper left corner of the window and select Quit
  • Quit Activity Monitor application
  • Open the Applications folder
  • Locate the app ex. MacDefender, MacSecurity, MacProtector or other name
  • Drag to Trash, and empty Trash

Malware also installs a login item in your account in System Preferences. Removal of the login item is not necessary, but you can remove it by following the steps below.

  • Open System Preferences, select Accounts, then Login Items
  • Select the name of the app you removed in the steps above ex. MacDefender, MacSecurity, MacProtector
  • Click the minus button

Use the steps in the "How to avoid installing this malware" section above to remove the installer from the download location.

Note: Apple provides security updates for the Mac exclusively through Software Update and the Apple Support Downloads site. User should exercise caution any time they are asked to enter sensitive personal information online.

Saturday, May 21, 2011

NCC-Mac May 2011 Meeting Reminder

The next meeting of the North Curry County Macintosh Users is Thursday, May 26, 4:30 PM at the Langlois Library. NOTE THE MEETING TIME CHANGE.

We'll be taking a trip down Memory Lane, way back to our first encounters with computers of any kind. If you have any old, old computer gear that still boots, bring it in. If you have any pictures or stories from the old days, share them.