Did you know that Mac OS X includes some very basic protection against malicious downloads?
When you download an application via Safari or an attachment in Mail and then try to open it, Apple checks the file against its “safe downloads list” (sometimes called “XProtect.plist” after its file name) to ensure it doesn’t contain any known Mac malware.
Mac OS X is supposed to check for updates to this malware definitions list daily, but you can force an update using one of the following techniques.
The first method is to click on the Apple menu and select “System Preferences…” and then from the main window click on Security, then click on the General tab, and then uncheck and re-check the box next to “Automatically update safe downloads list” (note that you may need to click on the lock and type an administrator password first). If you don’t see this checkbox, you should make sure you’re running either Lion (v10.7 or later) or the latest version of Snow Leopard (v10.6.8).
Although this is the simplest solution, it doesn’t give any indication of whether the update has actually completed, which is why I prefer to use the following alternative instead.
The second method is to download and install Safe Download Version, a freeware app created by Adam Christianson of The Mac Observer.
When you run Safe Download Version, it tells you the version of your currently installed definitions and their release date, lets you check for updates, and notifies you whether you already have the latest version installed or if a new update has been applied.
You can also check for updates by running XProtectUpdater via a Terminal command, as described in this article.
Although it’s nice to know you have the latest version of Apple’s malicious download definitions, don’t let it give you a false sense of security.
Apple’s download scanner also doesn’t offer any protection against malware for other platforms such as Windows, so you’ll have no way of knowing whether that flash drive you used at work or on a friend’s PC might be carrying an infection.
To step up your own Mac’s defenses, I recommend installing the free Sophos Anti-Virus for Mac Home Edition. You can see how it works compared with Apple’s safe downloads protection in the video below.
(Enjoy this video? Check out more on the SophosLabs YouTube channel and subscribe if you like.)