Anti-virus makers are taking turns questioning Apple
over its decision to include an anti-malware component
in its new Snow Leopard
operating system, which was released Friday.
Security solutions providers Kaspersky Lab, McAfee, Symantec and Intego, which specializes in offerings for the Mac, all have said in blog posts over the last several days that Apple may have made the wrong decision entering the anti-virus game.
Aleks Gostev, director of global research at Kaspersky Lab, said Monday on the company's Viruslist blog
that the anti-virus scanner in Snow Leopard might propel malware writers into creating more malicious files designed for the Mac now that Apple is basically entering the anti-virus industry.
"One the one hand, Apple isn't offering its users any real protection with this anti-virus," Gostev said. "On the other, it's [not] only entered into competition with other anti-virus companies but it's also joined the cybercrime arms race. Right now, it looks to me as though Apple's got itself into a very unenviable situation."
Craig Schmugar, threat researcher with McAfee Avert Labs, agreed that Apple may be opening the floodgates.
"There are a number of ramifications of such a move that could be discussed, but the intention of this post is to call out the possibility of this being a catalyst of more Mac malware to be created," Schmugar said in a blog post
last week. "Apple's inclusion of malware identification into the OS could certainly be a catalyst for a more intense game of cat-and-mouse with virus authors, an ironic scenario should this come about."
An Apple spokesman did not respond Monday to a request for comment.
The anti-malware feature in Snow Leopard provides basic protection, experts said.
It detects malware on files downloaded through applications such as Safari
, Mail, iChat, Firefox and Entourage, the Microsoft email client for the Mac, but contains no removal capabilities, according to Intego and Symantec.
"It is not a full-featured anti-virus solution and does not have the ability to remove malware from the system," Symantec said in a statement. "File quarantine is also signature-based only. Malware signatures are only as good as [their] definitions, requiring Apple to provide regular, timely updates. In addition, Mac OS X's Software Update technology does not update automatically, and there is also no UI (user interface) that allows users to see what signatures have been added to the system."