Re: Malware (antivirus) software for Macintosh

["Everett, Alex D" <alex.everett () UNC EDU>]

Well put, Louis.
There must be a good reason why you had fewer- maybe more systems with AV (it was a wake up call for many here) or more 
secure web surfing habits for your users.

Sincerely,

Alex Everett, CISSP, CCNA
University of North Carolina

On May 18, 2012, at 10:23 AM, Louis APONTE wrote:

Alex

You are correct Apple knew about this we all know that a response was slow incoming. I am not sure why Flashback was a 
non-event for us, since I have a very small population on McAfee anti-malware 1.x or (9.1.0.4478) I spot checked 
critical systems at the start of this, what I found was tons of needed updates queued up. I guess what I said badly was 
you need an AV solution in place (McAfee does rather well on snow leopard and Mt lion ), but don't forget the 
importance of patching via updates if you have no other central solution for Mac patching. We also enable the Mac 
firewall and include that in our guidelines on securing Macs. No I would never say you don't need a Mac AV solution, 
the only box I have in my office completely free of threats is a tissue box.




Louis Aponte
Weber State University

On 5/17/2012 at 2:50 PM, in message <848EA831-20E8-4958-A96E-8715EC4A52A0 () unc 
edu<mailto:848EA831-20E8-4958-A96E-8715EC4A52A0 () unc edu>>, "Everett, Alex D" <alex.everett () UNC 
EDU<mailto:alex.everett () UNC EDU>> wrote:
Louis:

Maybe I am misreading this, but Apple Updates did not offer protection in time, though patching is of course sound 
advice.
A Java vulnerability was not patched until after exploitation took place.
We did have good experience with anti-malware software if the user had it already installed.
We had poor experience with network security mitigation technologies.

References:
https://www.securelist.com/en/analysis/204792227/The_anatomy_of_Flashfake_Part_1

Sincerely,

Alex Everett, CISSP, CCNA
University of North Carolina
Chapel Hill, NC

On May 17, 2012, at 4:01 PM, Louis APONTE wrote:

Hi

McAfee antimalware here, I have to say keeping your Mac software updates current was primary protection vector we saw 
for Flashback. As Apple released the two or three OS patches we installed asap. I am saying its best to do both in 
tandem for best results set OS updates to daily and install automatically as a service for your Mac users, and have AV 
of one kind or another. Very few of our users disagree with this approach.



> > > On 5/17/2012 at 01:17 PM, in message <99589267-1F4D-430C-ACE0-5E75F39521D5 () uvm 
> > > edu<mailto:99589267-1F4D-430C-ACE0-5E75F39521D5 () uvm edu>>, Dean Williams <dean.williams () UVM 
> > > EDU<mailto:dean.williams () UVM EDU>> wrote:
A rash of Flashback infections has us thinking about mal ware protection for our Macintoshes.  Is anyone using a 
product that you’d recommend (or recommend against!)?   If you are supporting mal ware protection for your Macintoshes, 
is the impact on system performance acceptable?   Is it effective in preventing or at least detecting infections?  Are 
updates timely?  Is it affordable?

Thanks for any experience or insight you can share.

Dean Williams, GSLC
Information Security Officer
Enterprise Technology Services
University of Vermont
Dean.Williams () uvm edu<mailto:Dean.Williams () uvm edu> | 802-656-1174
http://www.uvm.edu/it/








Sincerely,

Alex Everett, CISSP, CCNA
Information Security Office
University of North Carolina at Chapel Hill
919.445.9393



Sincerely,

Alex Everett, CISSP, CCNA
Information Security Office
University of North Carolina at Chapel Hill
919.445.9393