Yes, Snow Leopard Includes Antivirus

Now that the embargoes are lifted the reviews are in (here's our glowing one) and observers are confirming that Apple's latest OS X version Snow Leopard, includes anti-virus functionality.

Not much of an anti-virus—currently it detects two threats, OSX.RSPlug and OSX.IServices. I still haven't seen any reports as to whether Apple is home-brewing these definitions or buying them from elsewhere. Yesterday's theory that they might be Symantec's was denied to us by Symantec. This report says that the definitions can be updated via the Software Update process in OS X.

For years the anti-malware companies have been trying to get a toe-hold in the Mac market. There is at least one specialist, Intego, the company that broke this news yesterday, but nobody is really big in the market because malware hasn't been a really big problem on Macs and Apple's marketing has belittled even the possibility that it is. Two quote the ESET Threat Blog:Even a year or two ago, the inevitable responses on Mac lists to any mention of Mac malware were along the lines of:

• Mac viruses can't happen and Trojans don't matter
• Mac users are too smart to fall for social engineering
• If they do, it's their own fault.
• Go away and stop bothering me with this stuff.
• Not listening. La-la-la-la-la...

Now that there is protection inside OS X, it's going to be an even harder sell for 3rd party security products, even though the current Apple protection misses known threats (BTW, I can confirm it also doesn't find EICAR). Remember that Apple has a history of taking months, sometimes years, to fix known security vulnerabilities. If malware on the Mac becomes more common are they really going to ratchet up the Software Update channel to handle frequent updates?