As promised, Apple on Tuesday released a security update to get rid of MacDefender.
The update checks files downloaded via programs such as Safari, Mail and iChat and quarantines any unsafe file types. A box will come up asking if you’re sure you want to open a file — something you shouldn’t do if you have any doubts about a file.
In Snow Leopard, the patch also includes an updating list of malware definitions. Users can opt-out of this by unchecking the “Automatically update safe downloads list” checkbox.
Apple has also included a removal tool for MacDefender.
The security update is 2.1 MB and does not require you to restart your computer. It’s well-worth downloading, but it doesn’t mean you should drop your guard against malware.
This morning, CNET’s EdBott reported that there’s already a version of MacDefender that skirts Apple’s malware detection system, called MdInstall.pkg. The new version will also begin the installation process without asking for an administrative password.