More from yesterday’s revelation that Snow Leopard is protecting Mac users against certain file types.  Xprotect is the name of the plist file that Snow Leopard uses to look for malware.  It can be found here:

/System/Library/CoreServices/CoreTypes.bundle/Contents/Resources/XProtect.plist

Currently there are two files that Snow Leopard is looking for.  OSX.RPlug.A and OSX.iservice (described as a very low threat by Symantec) are trojans that can be attached as payloads on shady bittorrent installs like the iWork and CS4 files discovered earlier this year.  They need users to purposefully install them after entering administrator credentials.

The file is below:

Although a baby step, this is Apple’s first forray into OS protection.  Apple could (and probably will) update this file as new threats emerge with Security Updates however .  Apple administrators could also edit this file, "protecting" users against bittorrent installers and other corporate "no-nos".

 

FTC: We use income earning auto affiliate links. More.


Check out 9to5Mac on YouTube for more Apple news:

You’re reading 9to5Mac — experts who break news about Apple and its surrounding ecosystem, day after day. Be sure to check out our homepage for all the latest news, and follow 9to5Mac on Twitter, Facebook, and LinkedIn to stay in the loop. Don’t know where to start? Check out our exclusive stories, reviews, how-tos, and subscribe to our YouTube channel

About the Author