iMacThere is a nasty rumor doing the rounds that Apple has released an internal document directing employees to neither confirm nor deny presence of any malware on customer machines. They have also been instructed not to attempt removal.

A fFew Points About Mac Defender

  • It is a Trojan and is one of the few malicious software programs to affect the OS X operating system.
  • OS X versions 10.4, 10.5 and 10.6 are listed as being vulnerable.
  • Mac Defender does not install itself automatically – the user enters his or her administrator password for it to be installed.
If the leaked internal document (which you can see here) is authentic then it would seem that Apple’s stance regarding Mac Defender is that staff should help users update their operating system to the latest version and direct them to the Apple Store so that they can purchase appropriate antivirus software. Some commentators are arguing that this position equates to Apple treating the problem lightly -- to this author that seems an overly simplistic viewpoint. As noted above, Mac Defender requires that the user enter his or her administrator password -- so users must actively install the software on their machine -- which would come after a first warning about installing programs from unknown sources. So, you can either decide that you want thousands of staff hours dedicated to helping people fix their own mistakes… or you can let the users pay for the mistakes themselves. While this author wholeheartedly agrees with pointing users toward antivirus software, the whole neither confirm nor deny thing stinks. I do realize that a whole team of lawyers probably sat down at a meeting and figured out that was the best way to avoid nuisance litigation, but when you know what is wrong with a paying customer’s computer don’t you have some sort of moral obligation to tell them? Apple seems to think otherwise. But maybe it is just a matter of learning to read between the lines. Presumably they would tell you if you don’t have malware -- so the not confirming, not denying stance might be taken as a tacit admission that yes, you have inadvertently installed a nasty piece of software. Malware is an embarrassing problem, but make no mistake: As Apple computers become more popular we are going to start seeing more malicious programs that target OS X. If you buy your software from the App Store, you are probably not going to have a problem. However, if you are partial to installing free software from possibly untrustworthy third parties, then a good antivirus program would probably make a sound investment.