AV makers fault Apple on Snow Leopard malware scanner

By on
AV makers fault Apple on Snow Leopard malware scanner

New anti-virus could entice cybercriminals.

Anti-virus makers are taking turns questioning Apple over its decision to include an anti-malware component in its new Snow Leopard operating system, which was released last week.

Security vendors Kaspersky Lab, McAfee, Symantec and Intego, which specialises in offerings for the Mac, all have said in blog posts over the last several days that Apple may have made the wrong decision entering the anti-virus game.

Aleks Gostev, director of global research at Kaspersky Lab, said on the company's Viruslist blog that the anti-virus scanner in Snow Leopard might propel malware writers into creating more malicious files designed for the Mac now that Apple is basically entering the anti-virus industry.

"One the one hand, Apple isn't offering its users any real protection with this anti-virus," Gostev said. "On the other, it's [not] only entered into competition with other anti-virus companies but it's also joined the cybercrime arms race. Right now, it looks to me as though Apple's got itself into a very unenviable situation."

Craig Schmugar, threat researcher with McAfee Avert Labs, agreed that Apple may be opening the floodgates.

"There are a number of ramifications of such a move that could be discussed, but the intention of this post is to call out the possibility of this being a catalyst of more Mac malware to be created," Schmugar said in a blog post. "Apple's inclusion of malware identification into the OS could certainly be a catalyst for a more intense game of cat-and-mouse with virus authors, an ironic scenario should this come about."

The anti-malware feature in Snow Leopard provides basic protection, experts said.

It detects malware on files downloaded through applications such as Safari, Mail, iChat, Firefox and Entourage, the Microsoft email client for the Mac, but contains no removal capabilities, according to Intego and Symantec.

"It is not a full-featured anti-virus solution and does not have the ability to remove malware from the system," Symantec said in a statement. "File quarantine is also signature-based only. Malware signatures are only as good as [their] definitions, requiring Apple to provide regular, timely updates. In addition, Mac OS X's Software Update technology does not update automatically, and there is also no UI (user interface) that allows users to see what signatures have been added to the system."


See original article on scmagazineus.com

Copyright © SC Magazine, US edition
Tags:

Most Read Articles

Log In

Username:
Password:
|  Forgot your password?