Gatekeeper is OS X's security against malware and adware, but it isn't foolproof. A new warning shows how it can be exploited.
Since OS X 10.7.5 Lion, Apple has shipped a security feature called Gatekeeper, which tries to keep the Mac safe from malware and adware. It isn't foolproof, though: a new report shows how one adware installer manages to make it through OS X's defenses.
Writing for The Mac Observer, John F. Braun explains how a fake Adobe Flash installer has managed to make it past OS X's defenses.
In the case of our nefarious Flash installer, the attackers built an application that looks like Apple's installer, but in the end is just another, normal application. Since the developers chose to identify themselves with Apple and get a certificate, Gatekeeper did nothing to stop us from running it.
I don't expect it'll be too long before Apple rescinds this developer's certificate. They've done it before for other certificates that have gotten abused in similar fashion.
From a security standpoint, the safest thing you can do is to only run software installers from vendors you know and trust. In the case of Adobe Flash, make sure the installer comes from Adobe and only Adobe — assuming you need to run Flash at all. If you're new to the Mac platform, I'd recommend just sticking with what you can find on the Mac App Store for the time being.
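Gatekeeper accepting an app only means that some registered developer signed it, so the useful check is whose Developer ID it was. The following added example (not from the original article) parses the output of `codesign -dv --verbose=4` and compares the signing team ID with the one you expect; the sample outputs and both team IDs are constructed placeholders, and `check_signer` is a hypothetical helper name.

```shell
# Added example. Reads `codesign -dv --verbose=4 <app>` output on stdin and
# succeeds only if the app was signed by the team ID passed as $1.
check_signer() {
    expected_team="$1"
    info=$(cat)
    # The first Authority= line is the leaf certificate, i.e. the developer.
    leaf=$(printf '%s\n' "$info" | sed -n 's/^Authority=//p' | head -n 1)
    team=$(printf '%s\n' "$info" | sed -n 's/^TeamIdentifier=//p' | head -n 1)
    if [ -z "$leaf" ]; then
        echo "no Developer ID signature found"
        return 2
    fi
    echo "signed by: $leaf"
    if [ "$team" = "$expected_team" ]; then
        echo "team ID matches $expected_team"
        return 0
    fi
    echo "team ID '$team' is not the expected '$expected_team'"
    return 1
}

# Constructed sample: a validly signed look-alike installer. Gatekeeper would
# allow it, yet the signer is not the vendor the user believes it is.
SAMPLE_LOOKALIKE='Executable=/Volumes/Installer/Installer.app/Contents/MacOS/Installer
Identifier=com.example.installer
Authority=Developer ID Application: Example Developer (ABCDE12345)
Authority=Developer ID Certification Authority
Authority=Apple Root CA
TeamIdentifier=ABCDE12345'

# Constructed sample: an ad hoc signature carries no Authority lines at all.
SAMPLE_ADHOC='Executable=/Applications/Tool.app/Contents/MacOS/Tool
Identifier=com.example.tool
Signature=adhoc
TeamIdentifier=not set'

# VENDOR0000 is a placeholder for the team ID read from a known-good copy of
# the vendor's software. On a Mac, feed real output instead of the sample:
#   codesign -dv --verbose=4 /path/to/Installer.app 2>&1 | check_signer VENDOR0000
printf '%s\n' "$SAMPLE_LOOKALIKE" | check_signer VENDOR0000 || true
```

`codesign` writes this information to stderr, which is why the real invocation in the comment redirects with `2>&1`.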