Apple adds stealth patch to fix Trojan vulnerability

Apple is accused of keeping quiet on a security fix for marketing reasons

Experts at Sophos have discovered a patch for Apple's anti-malware software that was not mentioned in the security notes accompanying the update released this week.

Analysis of the patch identified an update to the XProtect.plist file in OS X, which includes malware signatures and will block the HellRTS Trojan first seen in April.

The Trojan masquerades as iPhoto but gives an attacker control of the infected system, allowing it to be used to send spam and take part in distributed denial-of-service attacks.

"Unfortunately, many Mac users seem oblivious to security threats which can run on their computers. And that isn't helped when Apple issues an anti-malware security update like this by stealth, rather than informing the public what it has done," said Graham Cluley, senior technology consultant at Sophos, in a blog post.

"You have to wonder whether their keeping quiet about an anti-malware security update like this was for marketing reasons. 'Shh! Don't tell folks that we have to protect against malware on Mac OS X!'"

The amount of malware for Apple systems is tiny at present compared to the PC platform, but experts are warning that Apple users are complacent about security, a fact apparently reflected in the advice being given to customers.

Ian Whalley, a former Sophos employee, said in a Twitter post: "Overheard in Apple store: 'Macs never get viruses. It's impossible. Don't even worry about it.' Mmmm. Unwise."