Saturday, November 30

The Java Flashback

0

Apple has recently discovered that 600 000 of their users have computers that have been infected with a virus. Immediately the idea that Apple Mac’s are virus free goes out of the window. The “Flashback” virus according to Kaspersky originated on a series of WordPress blogs.  The virus was distributed as a Trojan hidden in a fake Adobe update.

As soon as users click on the update,  the software is moved on to the users computer. The Flashback virus has most probably created a bot network. (A bot network consists of tens of thousands of compromised machines called drones or zombies that run malicious software.) Apple has since released a patch for this issue. It is recommended that Mac users immediately download the software to ensure that the issue is resolved.

The official Apple explanation is a bit hazy as they don’t go into a lot of detail. It makes sense, by not communicating the issue these virus makers have no idea how it is resolved.

Java for OS X Lion 2012-002 and Java for Mac OS X 10.6 Update 7
Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7.3, Lion Server v10.7.3
Impact: Multiple vulnerabilities in Java 1.6.0_29

Description: Multiple vulnerabilities exist in Java 1.6.0_29, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues are addressed by updating to Java version 1.6.0_31.

If you are not sure whether your Mac is one of the 600 000, then the best would be to check for software updates. Download the patch and then your Mac should be a bit more safe.

Share.

About Author