Troubleshooting Apple’s Malware Protection

10.06.2011
If you've installed , you have the benefit of Apple's protection against various malware attacks, most notably the recent Mac Defender Trojan Horse variants. This protection will locate and, in some cases, delete malware that shows up on your drive.

What happens when new malware attacks appear on the scene? That's part of the beauty of Apple's approach. Apple can automatically update the malware definitions on your drive, without requiring any action on your part. That way, there's no need to download a new Security Update each time. To enable this feature (assuming that giving Apple this authority doesn't make you more nervous than the threat of malware), turn on the "Automatically update safe downloads list" option in the General tab of the Security System Preferences pane.

This updating is a great convenience--except when it doesn't work. In theory, after Apple releases a definitions update, the changes should be pushed to your Mac within the next 24 hours. Additionally, if you restart your Mac at any time, this should force an install of the latest update. In practice, things have not always gone so smoothly.

When I checked with a group of colleagues, only about 50 percent of us had gotten an update within the expected 24 hours. For those of us who did not get the update (which included me), the reason was not related to whether our Macs were asleep at the "wrong" time. Even when a Mac was set to never go to sleep, the update did not arrive. Similarly, if we restarted our Macs, supposedly forcing an update, nothing happened.

In most cases, if we simply waited long enough (48 or even 72 hours), the update would eventually arrive. On at least one occasion, however, I had not received an update that had been out for four days.

I am convinced that there is a bug in play here, apparently one that affects only a subset of users.