
As we briefly mentioned yesterday, antivirus vendor Intego notes that it has received multiple tips that Apple's forthcoming Snow Leopard operating system appears to contain at least some rudimentary antimalware capabilities. According to screenshots of warning dialog boxes submitted by Snow Leopard users, the operating system is able to warn users that a downloaded file contains malware, specifically the OSX.RSPlug.A Trojan Horse first discovered in October 2007.
We're not sure yet exactly how this works, but the above screen shot shows this feature working with a download made via Safari, detecting a version of the RSPlug Trojan horse in a downloaded disk image.
MacRumors received the first report of this Snow Leopard feature in February 2009, soon after the release of developer build 10A261. But while the feature appears to have been present in Snow Leopard builds since that time, little is known about the functionality and from where Snow Leopard is drawing its information for identifying malware.
Intego's posting regarding the feature implies that Apple is not licensing the information from that company, while ZDNet has confirmed that Apple is not using the open-source ClamAV engine. It is possible that Apple is licensing the functionality in part from another commercial antivirus company or developing its own system, but Apple has not revealed any details about the feature on its extensive security page for OS X Snow Leopard, referring only to the existing standard scan of downloaded files to determine if an application is included in a given package.
Update: The Register notes that Apple has simply included information on two Trojan Horses, OSX.RSPlug.A and OSX.Iservice, in one of Snow Leopard's system files, identified to MacRumors as the following:
/System/Library/CoreServices/CoreTypes.bundle/Contents/Resources/XProtect.plist
While Apple could certainly update this file with identifying information for new threats that arise in the future, there does not appear to be a full-fledged antivirus package with regularly-updated virus definitions deployed in Snow Leopard.
Top Rated Comments
I'm sure most people would consider malware a "headache" ;)
Strange, I have knowledge of Macs yet I deny that they ever get viruses. Can they be carriers? Sure. But they do not get infected. Perhaps I don't exist...
On another note, it makes it ironic that Apple commissioned the Mac vs PC commercial where the security guy for Vista was saying "Cancel or Allow" and OS X will now be doing this. :)
Personally I think the aple adverts should focus on the features Macs have rather than all the flaws windows pcs have. Because if you dont want the windows issues you install Linux for free. Yes the fanboys of PCS, mainly Dells have already started to stir up trouble. Personally I have a strong dislike of Dell machines.