Trojan-Downloader:OSX/Flashback.I

According to this (from Sam) - it's been around for a while and is very LOW risk..

http://www.symantec.com/security_response/writeup.jsp?docid=2011-093016-1216-99

At first I thought the current flurry of news articles looked like a hoax, as some link to instructions on how to go into Terminal and "fix" it - I would not trust any online instructions on how to find/fix anything unless they come from Apple or an extremely reliable source.

Furthermore - if it was a real issue, Apple would release a software update addressing it IMHO.

Which they have done with the new Java update issued on Tuesday.

So does the update remove the threat from an infected machine ? or does it just prevent it happening?

The malware does require you have an older and unpatched version of Java installed, and then as with other malware requires you visit a malicious Web site (generally done when clicking spam links, or when browsing underground, ****, or warez sites).

This is one of the more prominent malware threats for OS X so far, but is still overall a relatively minor issue. However, a few people have reported finding it on their systems.

The fact is Java's security hole was unpatched in OS X for a while, and was exploited by malware that ended up taking advantage of a number of systems. Overall this is a very small percentage of the Mac install base, but is still a sizeable number.

There are several ways to detect and remove it, though it does somewhat depend on the variant you have encountered. Here is an article that covers some of this: http://reviews.cnet.com/8301-13727_7-57410096-263/how-to-remove-the-flashback-ma lware-from-os-x/

is there a tool which can check and remove automaticly?

What about for OS 10.5.8? I am definitely a novice and just heard about this. Should everyone disable java plugin? Where/how do we do that?

See About the Flashback malware.

(Note that my pages contain links to other pages that promote my services, and this should not be taken as an endorsement of my services by Apple.)

What about for OS 10.5.8?

Unfortunately, 10.6 is the oldest system that those Java patches are available for. Your 10.5.8 system will remain vulnerable, so you must turn off Java in your web browser ASAP. My link, in my other post on this topic, has instructions to tell you how to turn off Java in Safari and Firefox.

Malware scanners can do this, such as Sophos, ClamXav, and VirusBarrier X6, but so far there isnt a tool that I know of which is built and tested for specifically removing this malware threat.

That is an old update, which does not include a patch for any of the vulnerabilities involved in the Flashback malware.

This update brings Java only to release 17, wheras the problem with this latest flashback malware was fixed in release 31. Systems running OS X 10.5 or earlier have not yet received any updates that will address this vulnerability (CVE-2012-0507).