Discussion in 'The Watering Hole' started by Herman, May 26, 2011.
How to avoid or remove Mac Defender malware
My other half got that last week. It wasn't very pleasant. I got rid of it though, and scrubbed it down with dettol after.
Yikes. I've had my share of diseases on my PC's. Not fun ...
Thankfully malware remains very uncommon in the Mac world.
Thanks for this, Herman!
Apple will be releasing an OS update which will remove the malware, and prevent further occurrence - but of course the 'bad guys' will evolve a new version in due course.
At one place I worked we calculated the cost generated by viruses and malware in terms of damage, and then the cost of protecting in the first place. The total was horrific.
With my luck, when I switch to Mac, I'll probably bring all my germs with me.
MacGuard, new mac defender variant
The Mac Security Blog » INTEGO SECURITY MEMO – New Mac Defender Variant, MacGuard, Doesn’t Require Password for Installation
The #1 thing to do is turn off "open safe files after downloading" in safari. This will stop the content from opening even if it downloads. But that's not going to help people like my 70 year old mom, who insists on Googling and then chasing any flash game on the internet, regardless of what web site it's on. I just checked her machine this morning, though, and there's no sign of the thing.
Me: "Mom, don't go to websites you don't know, and don't click on "open" or "download" on anything you weren't looking to install"
Her: "But this isn't from a site I don't know. I got it from Google. And it's the only way I can play the card games I like"
When my kid got her Mac I set up her user account as non-Admistrator. Then I set up a second account as her Administrator account.
The new version to which Herman linked does not require a password, but it does require the account to be an Admin account.
So in my kid's case, it cannot install, unless she Authenticates.
Similarly, if my kid is in her standard user account, she does not have to go into the Admin account to install software etc. When she tries to install it, it will say she does not have sufficient privileges, and ask her to Authenticate, which simply means entering the user name and password of the Admin account.
This is pretty standard in corporate setups: the user retains full Admin capacity, but their daily working account is not an Admin account. This does not negatively impact their work in any way.
My wife's MacBook was set up the usual way - with her account as an Admin account. last night I simply added a new Admin account, then changed her everyday account to Standard.
Apple has released a security update, available through Software Update. Details:
About Security Update 2011-003
Separate names with a comma.