Apple releases Mac OS X Lion - Sophos users are protected

Filed Under: Apple, Malware, Vulnerability

OS X LionAfter the usual protracted period of speculation and rumour, Apple finally launched the latest version of Mac OS X today. Code-named "Lion", version 10.7 is the first update to the ten-year-old operating system since Snow Leopard in 2009.

I'm very pleased to announce that our currently shipping versions of Sophos Anti-Virus for Mac - both Corporate and Home editions - are compatible with Lion. In fact, we've been compatible since we released version 7.3.0 in June 2011*.

With their closely-guarded approach to release dates, Apple don't make it easy for us to plan our efforts so I'm particularly proud of our engineering team who have kept on top things through all the preview releases.

Lion is widely seen as moving the Mac closer to the enormously successful iPhone and iPad devices. From a user interface point of view, this includes "Launchpad", a way of organizing and running applications with icons on a paged, full-screen interface that will be very familiar to iPhone and iPad users, and better support for full screen applications.

Lion

Lion also contains some interesting security features. Under the hood, there is application sandboxing for programs distributed through the App Store. Sandboxing limits the kinds of interactions an App can have with other parts of the system. Before publishing, Apps must go through an approval process that requires them to touch only those components they really need to. Although the App Store on iOS has helped in keeping malware off that platform, bear in mind that the App Store is not the only way to download and install software on the Mac.

Lion also provides a more complete implementation of Address Space Layout Randomization (ASLR). This affects how OS X loads programs into memory and means attackers can no longer use exploits that assume targeted data or routines will be found at fixed locations. It's been implemented in other operating systems like Windows and Linux for some time now so it's good to see Apple catching up.

Although there's much in Lion that I like, one of the features I'm not sure about yet is "Resume". This feature means applications will generally start up where they left off. If you close down a program while editing a particular file, that file will be opened again next time you start. In general, this makes life much easier: but woe betide if you fire up your Mac while connected to a projector in a meeting room after using it to do some personal browsing the night before!

The Resume feature is the visible tip of another iceberg of structural changes to how apps behave, including automatically shutting down an application when its main window is shut, and periodically closing idle applications.

All in all, there are some good steps forward for security. Now the big question is, as with any major software release, how soon will you feel safe installing it on your own computer?

What are your plans? Do you expect to upgrade to Lion this week, or are you going to wait for a while? Let us know by answering our survey.

For all the gloss on what's new, check out Apple's website.

*If you are running Sophos Anti-Virus on your Mac, please make sure it's at version 7.3.0 or above before you upgrade because Apple have informed us that older versions will be automatically disabled by the upgrade process.

If you're not already running Sophos Anti-Virus for Mac, why not download our free Home Edition. Did I mention it's free?

, , , , , , , , , , , , , ,

You might like

9 Responses to Apple releases Mac OS X Lion - Sophos users are protected

  1. John Baxter · 1009 days ago

    Sacrificial Mac Mini: installing today.

    Main iMac: depends upon what I see on the Mini.

    (I can restore the Mini by cloning a bootable clone of the iMac if needed.)

    Thanks for letting us know that Sophos AV supports Lion.

  2. NZJourneyMan · 1009 days ago

    Is it just me or does the whole iOS launchpad icon idea look like Windows 3.0?

  3. Jon · 1009 days ago

    I love scrolling using 2 fingers! I can't believe how much I'm enjoying scrolling around in the same way that I can on my android phone - I'm such a sucker for the shiny things.

  4. spookie · 1008 days ago

    @NZJourneyMan It's just you. Win3.0 had 16 bit graphics and looked NOTHING like iOS or OSX.

    Hey, Sophos, you spend the whole of 2011 so far convincing me to download your AV to my Macs, then fail to update it before Lion's release? Seriously? NOW you tell me to install 7.3.0 or above BEFORE I install Lion? TOO LATE! Why not push an update when you push virus definitions? I'd like to remove it. Does it need an uninstaller or can I just drag it into the trash like a well-behaved OSX app?

    @Jon I've been scrolling with two fingers since Leopard. (And dragging with three and control-click with a two finger click, and...yada yada)

    • Are you talking about the free Sophos Anti-Virus for Mac home edition? It comes with an uninstaller (look for Remove Sophos in your Applications folder). I'm afraid we can't do any support for products here on Naked Security, so please visit our support community at http://openforum.sophos.com/freemacav if you need more assistance.

      *But*, have you actually checked the version number of the Sophos protection that you have installed? Mine, for instance, is already at 7.3.1 without requiring any manual intervention from myself.

    • Bob Cook · 1008 days ago

      @spookie: The product auto-updates (assuming you left it in its default configuration and allowed it the right network access). If you have purposely prevented the product from updating then you will likely have to do it manually. There is an uninstaller, you'll find it in the Applications folder (assuming you are using the free home edition, the business edition puts the uninstaller in a different place). Unfortunately the standard "drag to the trash" method won't work because it will orphan the kernel extensions installed (those are needed to provide the transparent scanning of files as you save them to disk).

  5. Second paragraph down, it says you've been compatible since 3.7.0 / June 2011, surely that a typo and you've not jumped 3.6 versions in little over a month? :-)

    spookie, Chill out dude.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

About the author

Rich is a Senior Product Manager with responsibility for Web Protection across Sophos's product range. He has been with Sophos for so long that his first job involved mailing out anti-virus updates on 5¼" floppies. Feel free to contact him by email.