The bad guys have wasted no time. Hours after Apple released this update and the initial set of definitions, a new variation of Mac Defender is in the wild. This one has a new name, Mdinstall.pkg, and it has been specifically formulated to skate past Apple’s malware-blocking code.
The file has a date and time stamp from last night at 9:24PM Pacific time. That’s less than 8 hours after Apple’s security update was released.
On a test system using Safari with default settings, it behaved exactly as before, beginning the installation process with no password required.
As PC virus experts know, this cat-and-mouse game can go on indefinitely. Your move, Apple.
Welcome to a viable amount of the market share Apple.