Microsoft recently admitted, via the Director of it's Security Response Centre, that it doesn't report every Windows security vulnerability discovered and subsequently fixed via patches and updates. No big deal you might think, as long as the holes get fixed that's all that matter. I happen to agree, however that most vocal section of Microsoft-haters the Mac and Linux fanboy brigade certainly did not. Indeed, there was much waving of arms and displaying of indignation that Microsoft was 'cheating the figures' by not declaring security updates so as to be able to claim it was more secure than it actually is. Odd then, that the same folk have not as yet starting kicking up a similar fuss when Apple is caught doing the same thing.
According to security researchers at Sophos Mac OS X (10.6.4) includes limited protection against the Pinhead-B Trojan, and claim that Apple "secretly updated" the anti-malware protection built-into it when it released the new version earlier this week. The OSX/Pinhead-B (AKA HellRTS amongst Apple security aficionados) update, in the file XProtect.plist containing elementary signatures of some Mac threats, was not documented by Apple at all.
"What's curious to me is why Apple didn't announce they were making this update in the release notes or security advisory that came with Mac OS X 10.6.4. It's almost as if they don't want to acknowledge that there could be a malware threat on Mac OS X" says Graham Cluley, senior technology consultant at Sophos. "Many Mac users seem oblivious to security threats which can run on their computers, even though Apple has now built-in some elementary protection" continued Cluley "this lack of awareness isn't helped when Apple issues an anti-malware security update by stealth, rather than informing the public what it has done. You have to wonder whether marketing motives are at play behind such decisions".