3 Replies Latest reply: Apr 14, 2012 6:42 AM by MrHoffman
leocam Level 1 Level 1 (0 points)

Is it necesary change all paswords after desinffect mac whit the Java Update for Lion OS X 2012-003


iMac, Mac OS X (10.7.3)
  • 1. Re: Flashback virus detected
    LexSchellings Level 5 Level 5 (5,690 points)

    No.

  • 2. Re: Flashback virus detected
    Linc Davis Level 10 Level 10 (117,895 points)

    Yes.

  • 3. Re: Flashback virus detected
    MrHoffman Level 6 Level 6 (12,455 points)

    Yes.   Change your passwords.

     

    You've been breached, and everything about your system is now arguably untrusted, and backdoors can be left by the attackers.

     

    Can you get away with out changing your passwords?  Maybe.  Possibly.  This if you are willing to believe (trust?) that the particular variant of Flashback that got installed on your client didn't manage to grab your passwords, or your password file (for offline cracking), or didn't reset one of your lesser-used passwords to allow later access for the attackers.  As Apple states in their Flashback removal tool documentation: "This Flashback malware removal tool removes the most common variants of the Flashback malware."

     

    But if you're even asking this question, then your security policy might not be as robust as you would want it to be, and particularly given that these attacks are going to be more common.  Weak passwords have been a longstanding problem, and getting more secure passwords, VPNs and certificates configured can help prevent one of the (many) other security attacks that are underway from gaining access to your systems.

     

    With breached servers and higher-value clients, rolling in backups and rolling in known-good downloads and investigations into the specific details of the breach are common.  Some attackers can and do leave backdoors for themselves.