Skip navigation

Java Trojan on OSX

6113 Views 23 Replies Latest reply: Apr 13, 2012 10:04 AM by Gerard James RSS
  • MadMacs0 Level 4 Level 4 (3,330 points)
    Currently Being Moderated
    Apr 6, 2012 7:21 PM (in response to HACKINT0SH)

    HACKINT0SH wrote:

     

    Anyway, I know we are not going to agree here, so let's just agree to disagree.

    OK, I'll take the bait. Do you disagree with Thomas (I know you often do) or with me? All I said was that all known viruses have been patched on an up-to-date OS X 10.6.8 and above. I know there have been disagreements among experts as to whether or not certain of these malware qualified as a virus or not, but that seems futile to debate after all this time, especially since I have no opinion on it.

     

    I do feel that there is sufficient evidence that this current Flashback variant acts in a viral manner toward anybody on an Intel Mac using OS X 10.6.7 or earlier, with Java installed & enabled, who are not using Little Snitch and who visits a poisoned web site. Such users will be infected with no action on their part beyond cancelling a dialog box.

     

    All recommendations are that such users update to 10.6.8 if at all possible or to disable Java, at least in their browsers, if they are unable or unwilling. It's also possible to tweek Java Preferences from their default settings to minimize the risk "Java Hardning Tips," but know that new users can quickly get lost in the details of doing so.

  • MadMacs0 Level 4 Level 4 (3,330 points)
    Currently Being Moderated
    Apr 6, 2012 7:22 PM (in response to WZZZ)

    WZZZ wrote:

     

    MadMacs0 knows the difference between a  virus and a trojan. Please stop baiting him.

    Thanks for the vote of confidence. I even know that Flashback is technically a "Backdoor" and not a Trojan, but I don't really want to debate that issue, either.

  • smackntoss Level 1 Level 1 (0 points)
    Currently Being Moderated
    Apr 11, 2012 11:00 PM (in response to denisefromsalisbury)

    Apple's statement about Flashback malware:

    http://support.apple.com/kb/HT5244

     

    Link to Java Update 7 for Mac OS X 10.6:

    http://support.apple.com/kb/DL1516

     

    Link to Java Update 2012-002 for OS X 10.7:

    http://support.apple.com/kb/DL1515

     

    Over a half-million Macs have been affected. Note that the above Java updates don't  delete infected files. What you need to know about Flashback is here with links to removal tools and recommended antivirus apps:

    http://www.forbes.com/sites/adriankingsleyhughes/2012/04/07/an-easy-way-to-check -your-mac-for-the-flashback-malware/

     

    How to disable Java in Safari, Chrome and FireFox (highly recommended):

    https://community.rapid7.com/videos/1373

     

    For those who don't understand the difference, Java and JavaScript are two competely different things.

  • smackntoss Level 1 Level 1 (0 points)
    Currently Being Moderated
    Apr 12, 2012 5:54 PM (in response to denisefromsalisbury)

    2 new Java security updates issued today:

     

    Java for OS X Lion 2012-003:

    http://support.apple.com/kb/DL1515

     

    Java for Mac OS X 10.6 Update 8:

    http://support.apple.com/kb/DL1516

     

    Apple Summary:

    These updates remove the most common variants of the  Flashback malware

  • Gerard James Level 1 Level 1 (5 points)
    Currently Being Moderated
    Apr 12, 2012 7:49 PM (in response to smackntoss)

    I still see Java for OS X Lion 2012-002 at the above link?

  • MadMacs0 Level 4 Level 4 (3,330 points)
    Currently Being Moderated
    Apr 12, 2012 7:58 PM (in response to Gerard James)

    Gerard James wrote:

     

    I still see Java for OS X Lion 2012-002 at the above link?

    Strange, I see 2012-003. They must still be rolling out updates to various support servers around the world.

  • Gerard James Level 1 Level 1 (5 points)
    Currently Being Moderated
    Apr 12, 2012 8:06 PM (in response to MadMacs0)

    MadMacs0 wrote:

     

    Gerard James wrote:

     

    I still see Java for OS X Lion 2012-002 at the above link?

    Strange, I see 2012-003. They must still be rolling out updates to various support servers around the world.

    What I meant is that if you go to these two links:

     

    Java for OS X Lion 2012-003

    http://support.apple.com/kb/DL1515

     

    Java for Mac OS X 10.6 Update 8

    http://support.apple.com/kb/DL1516

     

    Which are both pointed to from the main Apple Support Downloads page at:

     

    http://support.apple.com/downloads/

     

    You'll still see:

     

    Java for OS X Lion 2012-002 and Java for Mac OS X 10.6 Update 7 respectively. Maybe they haven't fully updated their site yet or maybe they're only available through software update. Has anyone tried them yet?

  • MadMacs0 Level 4 Level 4 (3,330 points)
    Currently Being Moderated
    Apr 12, 2012 9:58 PM (in response to Gerard James)

    Gerard James wrote:

    Which are both pointed to from the main Apple Support Downloads page at:

     

    http://support.apple.com/downloads/

     

    You'll still see:

     

    Java for OS X Lion 2012-002 and Java for Mac OS X 10.6 Update 7 respectively. Maybe they haven't fully updated their site yet or maybe they're only available through software update. Has anyone tried them yet?

    But I don't. I've been seeing Java for OS X Lion 2012-003 and Java for Mac OS X 10.6 Update 8 since late afternoon (US/PT), when I returned to my computer.

     

    Several people in the Apple Community Support discussions forum have used both without issue. Those who thought they might be infected were and most who were just testing were not. The update tells you if you were infected but is silent if not.

     

    Why do you not want to use Software Update?

  • Gerard James Level 1 Level 1 (5 points)
    Currently Being Moderated
    Apr 13, 2012 10:04 AM (in response to MadMacs0)

    They seem to be pointing to the right place now, they were flipping back and forth between Mac OS X 10.6 Update 7 and Mac OS X 10.6 Update 8 yesterday. I downloaded the security update just now.

     

    Why don't I want to use software update? I never use it. Always manually download combo updates and security updates. Look what happened with the last 10.7.3 delta update and the last security update for 10.6. Too many problems.

1 2 Previous Next

Actions

More Like This

  • Retrieving data ...

Bookmarked By (1)

Legend

  • This solved my question - 10 points
  • This helped me - 5 points
This site contains user submitted content, comments and opinions and is for informational purposes only. Apple disclaims any and all liability for the acts, omissions and conduct of any third parties in connection with or related to your use of the site. All postings and use of the content on this site are subject to the Apple Support Communities Terms of Use.