- 16 April 2012 10:05
Apple pumps out yet another Java update
Apple has delivered - or so it says - on its promise to provide a Flashback malware removal tool.
The new update is packaged in two flavours:
* Java for Mac OS X 10.6 Update 8, documented in HT5243.
* Java for OS X Lion 2012-003, documented in HT5242.
Both updates claim that "this Java security update removes the most common variants of the Flashback malware. "
The one for Lion goes a little further:
This update also configures the Java web plug-in to disable the automatic execution of Java applets. Users may re-enable automatic execution of Java applets using the Java Preferences application. If the Java web plug-in detects that no applets have been run for an extended period of time it will again disable Java applets.
The updates also include the latest Java version all over again, 1.6.0_31.
If you're using Snow Leopard, disabling Java in your browser won't happen automatically. It looks as though the Java applet autodisabler is Lion-only.
I'd love to tell you more about the Flashback remover supplied by Apple, but I'm afraid I don't know how.
There's no documentation about it; there's no information about how to run it by hand in the future, or how it works, or what variants of the malware it finds; and - at least on my uninfected 10.6 computer - it didn't give any visual indication that it had run at all. (Three words for Apple about security bulletins: promptness, clarity and openness.)
(Update. HT5247 has a bit more story about the removal tool. It's documented to say nothing if it finds nothing. Thanks to François for pointing this out.)
Also, of course, it won't protect you against reinfection, and it won't protect you against any other Mac malware.
So there you have it. Apple's Java distribution and the Flashback malware addressed in one go. Unless you have OS X Leopard (10.5) or earlier. If you do, you're still out of luck - no patches for you.
PS. See how I resisted the urge to mention the free Sophos Anti-Virus for Mac Home Edition, complete with detection, prevention and remediation of Flashback and heaps of other malware, at any point in the above article :-)
BIG-IQ Security makes it easy to manage the entire firewall policy life cycle. Read about the key benefits and download the policy auditing and security compliance report today
- FTSenior Media TraderNSW
- FTDigital Account Manager X 3 | Display + Video advertisingNSW
- FTCampaign Managers | RTB | Display + Video | Trading desk |SydneyNSW
- FTCampaign Managers| RTB / Programmatic | Expression of InterestNSW
- FTMedia Planner Buyer - Media Trader OpportunitiesNSW
- FTSearch Account ManagerNSW
Rackspace Hosting, the world’s leading specialist in hosting and cloud computing, wanted to offer its customers an easy way to link dedicated managed servers to cloudbased servers. The company used Application Delivery Networking devices from F5 to help build a hybrid service called RackConnect.
- Google lets Apps users bypass admins and install third-party Marketplace tools
- The kill switch is here: iOS 8 enables it by default
- Reports of another wave of layoffs rekindle bad press for Microsoft
- AT&T to put service setup in enterprise customers' hands
- MIT's Cheetah robot is off its leash, running and jumping
- Scary video highlights danger of damaged Lithium Ion batteries
- Have a spare $9,000? Join Facebook for the rich
- iOS app devs warn customers off iOS 8's iCloud Drive
- Qlik courts the business manager with easier analytics
- iOS 8 is here -- and it's all over your network
- PGP creator, other top cryptographers head 2014 National Cyber Security Hall of Fame class
- Steve Jobs' office at Apple remains exactly as he left it
- Apple releases iOS 8, starts serving upgrade downloads
- What is Metacloud and why did Cisco buy it?
- Dropbox upgrades API for its lightweight app databases