Feeds

Apple accused of hushing up security update

Fails to 'fess up to Trojan vuln

Build a business case: developing custom apps

Apple has been accused of secretly adding a security update to its operating system without telling users, or anyone else.

The update released last week included protection against a Trojan that could allow a hacker to take control of your machine. The HellRTS Trojan has been added to the Mac's list of signatures used to detect dodgy software, according to Sophos' ubiquitous Graham Cluley.

Malware purveyors do not target Macs as much as PCs, which are more tempting because there are more of them.

Cluley claims that Mac users too often ignore security, "And that isn't helped when Apple issues an anti-malware security update like this by stealth, rather than informing the public what it has done. You have to wonder whether their keeping quiet about an anti-malware security update like this was for marketing reasons. 'Shh! Don't tell folks that we have to protect against malware on Mac OS X!'"

Cluley admits there is far less malware around for Macs but warns that continuing to ignore the potential problem could itself encourage hackers to start targeting the operating system.

He said that overall he welcomes any move to improve security but still thinks people should buy anti-virus software too. His company, Sophos, does of course sell Mac and Windows products...

Apple declined to comment, beyond providing this link to the upgrade. ®

Endpoint data privacy in the cloud is easier than you think

More from The Register

next story
Microsoft's Euro cloud darkens: US FEDS can dig into foreign servers
They're not emails, they're business records, says court
'Things' on the Internet-of-things have 25 vulnerabilities apiece
Leaking sprinklers, overheated thermostats and picked locks all online
iWallet: No BONKING PLEASE, we're Apple
BLE-ding iPhones, not NFC bonkers, will drive trend - marketeers
Multipath TCP speeds up the internet so much that security breaks
Black Hat research says proposed protocol will bork network probes, flummox firewalls
Plug and PREY: Hackers reprogram USB drives to silently infect PCs
BadUSB instructs gadget chips to inject key-presses, redirect net traffic and more
Only '3% of web servers in top corps' fully fixed after Heartbleed snafu
Just slapping a patched OpenSSL on a machine ain't going to cut it, we're told
How long is too long to wait for a security fix?
Synology finally patches OpenSSL bugs in Trevor's NAS
Israel's Iron Dome missile tech stolen by Chinese hackers
Corporate raiders Comment Crew fingered for attacks
prev story

Whitepapers

7 Elements of Radically Simple OS Migration
Avoid the typical headaches of OS migration during your next project by learning about 7 elements of radically simple OS migration.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Consolidation: The Foundation for IT Business Transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.
Solving today's distributed Big Data backup challenges
Enable IT efficiency and allow a firm to access and reuse corporate information for competitive advantage, ultimately changing business outcomes.
A new approach to endpoint data protection
What is the best way to ensure comprehensive visibility, management, and control of information on both company-owned and employee-owned devices?