Apple updates XProtect for HellRTS, Sophos carps

June 18, 2010

Buried in the minutiae of this week’s Mac OS X 10.6.4 Update for Snow Leopard, in addition to a huge number of documented changes, is an update to the operating system’s modest malware detection functionality: the addition of a recently discovered trojan that targets the fairer platform.

Antivirus vendor Sophos has discovered that Apple has updated its integrated Mac anti-malware protection with the release of OS X 10.6.4. This undocumented addition to an undocumented operating system feature checks for the presence of the HellRTS trojan in addition to a handful of other known Mac trojans.

“It’s good that Apple has updated its Mac OS X malware protection, as this Trojan can give hackers the green light to send spam email from your computer, take screenshots of what you are doing, access your files and clipboard and much much more,” said Graham Cluley, senior technology consultant, Sophos. “But what’s curious to me is why Apple didn’t announce they were making this update in the release notes or security advisory that came with Mac OS X 10.6.4. It’s almost as if they don’t want to acknowledge that there could be a malware threat on Mac OS X.”

Wow, say the words “that there could be a malware threat” out loud.

For what it's worth, you can find the XProtect.plist file here:


Yes, Sophos sells antivirus software for the Mac and the entire purpose of their press release is to market their products, plain and simple. That is, they make money when they make you frightened enough to spend.

That said, there are a handful of free and capable antivirus apps for the Mac, including PCTools iAntiVirus. However, the AV app installed on my Mac is and has been ClamXav; it’s fast, easy to schedule and isn’t a resource pig.

