How to Check if your Mac Malware Definitions List is Updated
The malware protecting Mac OS X Security Update will automatically download and update it’s malware definitions list from Apple, but if you’re like me you probably want to know how to manually check if the malware list is updated or not.
We’ll show you where the malware list is located and how to determine when it was last updated, and if you want to, how to forcibly update the malware definition file so that everything is up to date as it should be.
Check When the Mac Malware Definitions List was Last Updated
You’ll need to use the command line for this, but it’s otherwise a pretty simple procedure:
- Launch the Terminal (/Applications/Utilities/)
- Paste in the following command
- Look at the date entry between the string tags, shown highlighted below:
The date listed shows when the file was last modified, and the integer tag shows you which version the definitions list is. Assuming you haven’t disabled the anti-malware automatic updates (not recommended) and you are connected to the internet, this list should update on it’s own from Apple every day.
Note that sometimes the XProtect malware listing document is located at the following location instead:
The location is the same, the file name is slightly different (XProtect.plist vs XProtect.meta.plist).
How to Force the Malware Definitions List to Update in Mac OS X
If your malware definitions are outdated, or you are managing the updates yourself, you can force the list to download the newest version from Apple by doing the following:
- Launch System Preferences and click on the “Security” panel
- Click on the unlock icon in the bottom corner, enter your Administrator password to make changes
- Under the “General” tab, click to uncheck and then recheck the box next to “Automatically update safe downloads list”
The list should now update from Apple, you can verify you have the most up to date version by using the command line again as shown above.
This is a great tip, heads up to MacWorld, although they chose to use the ‘more’ command and I went with ‘cat’ mostly because it is shorter.