- 16 April 2012 10:05
Apple pumps out yet another Java update
Apple has delivered - or so it says - on its promise to provide a Flashback malware removal tool.
The new update is packaged in two flavours:
* Java for Mac OS X 10.6 Update 8, documented in HT5243.
* Java for OS X Lion 2012-003, documented in HT5242.
Both updates claim that "this Java security update removes the most common variants of the Flashback malware. "
The one for Lion goes a little further:
This update also configures the Java web plug-in to disable the automatic execution of Java applets. Users may re-enable automatic execution of Java applets using the Java Preferences application. If the Java web plug-in detects that no applets have been run for an extended period of time it will again disable Java applets.
The updates also include the latest Java version all over again, 1.6.0_31.
If you're using Snow Leopard, disabling Java in your browser won't happen automatically. It looks as though the Java applet autodisabler is Lion-only.
I'd love to tell you more about the Flashback remover supplied by Apple, but I'm afraid I don't know how.
There's no documentation about it; there's no information about how to run it by hand in the future, or how it works, or what variants of the malware it finds; and - at least on my uninfected 10.6 computer - it didn't give any visual indication that it had run at all. (Three words for Apple about security bulletins: promptness, clarity and openness.)
(Update. HT5247 has a bit more story about the removal tool. It's documented to say nothing if it finds nothing. Thanks to François for pointing this out.)
Also, of course, it won't protect you against reinfection, and it won't protect you against any other Mac malware.
So there you have it. Apple's Java distribution and the Flashback malware addressed in one go. Unless you have OS X Leopard (10.5) or earlier. If you do, you're still out of luck - no patches for you.
PS. See how I resisted the urge to mention the free Sophos Anti-Virus for Mac Home Edition, complete with detection, prevention and remediation of Flashback and heaps of other malware, at any point in the above article :-)
In this White Paper, IDC offers up some quantifiable benefits that Asian enterprises have observed as a result of deploying backup and recovery solutions. · Many enterprises are finding that the backup and recovery processes and technologies that they have implemented have not kept pace with the demands of the business · IDC identifies how organizations can experience savings and improvements from the deployment of different types of technologies · The benefits fall into three categories: storage environment cost savings; end-user productivity enhancements; and IT staff productivity optimization
- FTSearch/SEO/SEM/PPC - Multiple OpportunitiesVIC
- CCTech Support | IT Services Firm - Ad hoc Projects - Port Augusta / Whyalla AreaSA
- FTAcquisition Marketing ExceutiveNSW
- CCTech Support | IT Services Firm - Ad hoc Projects - Echuca AreaVIC
- FTStudio Design ManagerVIC
- FTProgram Manager - Integration & SolutionsNSW
- FTSearch/SEO/SEM/PPC - Multiple OpportunitiesNSW
Communications service providers face an array of complex challenges, from network growth and increasing security threats to technology transitions. In the face of these challenges, CSPs still need to plan for growth. Find out how
- Sydney Startup Weekend doubles attendance in one year
- ASIC unhappy with exclusion from data retention regime
- Australian Internet Security Initiative portal launched to help ISPs
- How SBS scaled up for FIFA World Cup online
- Hail pounds telecom networks in Queensland
- RMIT University builds virtual networking labs for students
- Weather.com fixes web application vulnerabilities
- Early version of new POS malware family spotted
- Syrian Electronic Army posts hacking message on several news sites
- Fastest LTE speed will be out of reach for most users
- EU net neutrality discussions to continue into the next year
- Over 23,000 Web servers infected with CryptoPHP backdoor
- Panasonic opens smart town targeting zero-emission houses
- Siemens patches critical SCADA flaws likely exploited in recent attacks
- European Parliament calls on Commission to consider breaking up Google