In an e-mail to developers and a post on its website, Apple has laid out the proper process for downloading Xcode after hundreds of apps were found to be using a malware-laden version of the IDE. Apple states that Xcode should always be downloaded from the Mac App Store or the Apple Developer website and validated by Gatekeeper to ensure the downloaded software hasn’t been contaminated.
For those wanting to test a version of Xcode they’ve already downloaded, Apple’s post provides the proper command to run on a Gatekeeper-enabled computer to verify the version came from a legitimate source.
Update: In an interview with Chinese website Sina, Apple’s chief marketing executive Phil Schiller said the company is also making Xcode available for domestic download to Chinese developers to eliminate the need for third-party downloads.
Schiller added that the company has found no known instances of apps affected by the malware transmiting customer data, but Apple still plans to warn users of the tainted apps to delete or update them. [via Reuters]
.
