Critical Infrastructure Security, Network Security, Vulnerability Management

Snow Leopard to contain anti-malware component

Story updated on Wednesday, Aug. 26 at 5:02 p.m. EST

Apple appears set to include an anti-virus component to its soon-to-be-released Snow Leopard, the next iteration of the Mac OS X.

Mac security firm Intego said it has received "reports" that the platform will contain the new feature. In its company blog, Intego posted a screenshot, which shows the new anti-malware mechanism identifying the RSPlug trojan and asking the user if he or she wants to open or cancel the file download being made via the Safari browser.

An Intego spokeswoman said the company -- like other software developers -- is under a nondisclosure agreement with Apple and is unable to comment further. The agreement expires Friday, when Snow Leopard is scheduled to be released.

The move by Apple may surprise some, considering the Cupertino, Calif.-based computing giant positions its operating system as inherently secure compared to Windows.

"We're naturally curious about this feature and about how thorough it is," Peter James, an Intego spokesman, said Tuesday on the company blog. "We wonder just how serious Apple thinks the malware threat is, especially since their latest 'Get a Mac' ads highlight the fact that PCs running Windows suffer from viruses."

Observers already expected Snow Leopard to address security concerns. A page on Apple's website that publicizes the new OS version references malware, saying that Macs are "designed with built-in technologies that provide protection against malicious software and security threats right out of the box."

An Apple spokeswoman did not respond to a request for comment.

Meanwhile, Mac users should be on the lookout for fake offers of Snow Leopard downloads prior to Friday's release date. Researchers at Trend Micro reported Wednesday that they are aware of a number of websites claiming to offer free downloads of the platform. If users attempt to install the bogus program, their machines are infected with a DNS changing trojan from the JAHLAV family of malware.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.