More recent variants exploited other flaws – notably in Java. The first variants of Flashback appeared last September, masquerading as updates to Adobe's Flash player software. Mashable also offers links to a pair of scripts that will check Safari – though not other browsers – for infection.) ( The security company F-Secure has instructions so that Mac users can discover whether they are infected. Users of systems running earlier versions of Mac OS X are advised to disable Java. If you need further convincing of my reasons for this recommendation, I’d encourage you to browse through some of my past Java-related posts.Update: Apple has released the removal tool, for systems running Mac OSX 10.6 and 10.7. In Mozilla Firefox for Mac, click Tools, Add-ons, and disable the Java plugin(s).īroken record alert: If you don’t need Java, remove it from your system, whether you are a Mac or Windows user. Scroll down to the Plug-ins section, and click the link that says “Disable individual plug-ins.” If you have Java installed, you should see a “disable” link underneath its listing. In Google Chrome, open Preferences, and then type “Java” in the search box. In Safari, this can be done by clicking Preferences, and then the Security tab (uncheck “Enable Java”). If you need Java on your Mac only for a specific application (such as OpenOffice), you can unplug it from the browser by disabling its plugin. If you have Java but no longer need it, get rid of it. While Apple stopped bundling Java by default in OS X 10.7 (Lion), it offers instructions for downloading and installing the Oracle-developed software framework when users access webpages that use it. On the issue of security in general, Apple appears to still have its head firmly planted in the sand: F-Secure notes that Apple still has not shipped an update that fixes this Java flaw on OS X 10.5 (or earlier), even though 16 percent of all all Macs still run this OS. Forbes’ Andy Greenberg published a fascinating piece on Wednesday showing that when it comes to working with the security community, Apple is still a bit like a spoiled toddler who hasn’t yet learned to play nice with other children in the sandbox. But Apple’s actions speak much louder than words. In its advisory, Apple said it “is working with ISPs worldwide to disable the command and control network” that criminals were using to direct the activities of the Flashback botnet. Users may re-enable automatic execution of Java applets using the Java Preferences application.” If the Java web plug-in detects that no applets have been run for at least 35 days, it will again disable Java applets. It includes no new security fixes, but it adopts a novel approach to the debate over whether to temporarily disable or remove Java: “It configures the Java web plug-in to disable the automatic execution of Java applets. ET: Apple just released a new version of Java that includes a Flashback remover. Java for OS X Lion 2012-003 delivers Java SE 6 version 1.6.0_31 and supersedes all previous versions of Java for OS X Lion. Flashback attacks a well-known Java flaw, but it’s worth noting that Apple released the Java patch only after Flashback had begun infecting hundreds of thousands of Macs. The company’s advisory on this threat is predictably sparse, and focuses instead on urging users to apply a recent update for Java. Inexplicably, it has not yet released this tool, nor has it added detection for it to the XProtect antivirus tool built into OS X. Where is Apple’s response in all of this, you ask? Apple says it is developing software that will detect and remove Flashback. The service requires users to enter their Mac’s hardware unique user ID (HW-UUID), because this is how the miscreants who were running the botnet kept track of their infections.į-Secure Corp., the Finnish security firm that worked with Dr.Web to more accurately gauge the true number of Flashback-infected Macs, has a Flashback Removal Tool available for download from its Web site. Dr.Web, the Russian antivirus vendor that first sounded the alarm about the outbreak, has published a free online service that lets users tell whether their systems have been seen phoning home to Flashback’s control servers (those servers have since been hijacked by researchers). Since the discovery last week of the Flashback Mac botnet, several security firms have released tools to help detect and clean up Flashback infections. Screen shot of Flashback detection tool from Dr.Web
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |