Without any fanfare, Apple added new functionality to the Safe Downloads List (XProtect) feature of Mac OS X in late September. The new feature allows Apple to block certain known-vulnerable versions of browser plug-ins such as Oracle Java and Adobe Flash Player.
Apple is currently only blocking certain very old versions of Flash Player and one particular version of the Java plug-in. More recent versions of these plug-ins with numerous publicly exploited vulnerabilities are not currently blocked by Apple, so in practice this feature does not currently provide a lot of protection.
More details about recent XProtect updates can be found in my article at The Mac Security Blog:
Apple Updates XProtect Malware Definitions for Latest Imuler Variant
For more from the JoshMeister on Security, please subscribe via e-mail or RSS, or follow me on Twitter or Google+.
Friday, November 16, 2012
Subscribe to:
Posts (Atom)