9 Replies Latest reply: Apr 7, 2012 10:21 AM by thomas_r.
stephenfromwinchester Level 1 (0 points)

I have Macbook Pro and iMac. My wife has Macbook Air. I'm seeing news releases about a flashback virus hitting Macs around the world. How much our computers in danger? Should we be running some kind of test to determine whether we've been infected.

 

I saw what looked like a complicated solution in an article Fox News, plus there was a strong recommendation to put antivirus protection in our computures. Is Apple addressing these question anywhere?


MacBook Pro, Mac OS X (10.6.7)
  • BobTheFisherman Level 6 (13,544 points)

    Use software update from the apple icon on your desktop to update your computer's software. The updates address the virus.

  • Zyriab Level 4 (3,300 points)

    Apple has addressed this issue.  The Flashback trojan, note it's a trojan and not a virus, exploits a vulnerability in Java.  Apple have released an update to Java.  Dropdown the Apple menu (top left on the menu bar) and select 'Software Update' to ensure you have the latest Java release.  Also, if you're using Safari as your web-browser then open Safari -> Preferences -> Security and untick 'Enable Java'.  Your systems will then be as safe as they can be.

  • CT Level 6 (17,545 points)

    Mac Flashback malware: What it is and how to get rid of it (FAQ)

     

    Never install anything unless you are SURE of what it is.

  • stephenfromwinchester Level 1 (0 points)

    Thanks. I keep updates up-to-date. I don't install things that I'm not quite sure about. So I guess I'm as well-protected as I can be.

     

    The article on FoxNews implied a failure to act and protect on Apple's part. I haven't found that true.

  • Zyriab Level 4 (3,300 points)

    Nor me, I think Apple's response to this has been fine.  So long as you keep your system up to date, as long as you turn off Java in your browser, and as long as you don't install any software unless you're sure it's legit then this is all a storm in a teacup.  There is of course the 'social engineering' method of getting this malware where you're prompted to install a Flash update when you visit certain websites, but observe my third point earlier about not installing software unless you know it's legit and you're fine on that score too.  If you want to install the latest version of Flash then get it from Adobe's web-site, not by clicking a pop-up on some other web-site.  That should apply to all software you install on your system.  Let's be safe out there!

  • Vinnie1956 Level 1 (0 points)

    I agree with Zyriab's response.  Just keep current on the apple updates.

     

    Frankly, the fox news article read more like a Antivirus company wrote it trying to sell antivirus for the MAC.

  • a brody Level 9 (65,753 points)

    My question which I don't think we'll ever see an answer to is whether people with 10.6.7 or less are susceptible.  At least if you have 10.6 you can get to 10.6.8 in most situations, except the few authors who haven't updated to deal with differences between 10.6 and 10.6.8.   In the meantime, this tip tells you the tests you can try: https://discussions.apple.com/docs/DOC-3261

  • etresoft Level 7 (27,828 points)

    If you are still worried, I have created a user tip and malware checker/removal tool: https://discussions.apple.com/docs/DOC-3271

  • thomas_r. Level 7 (30,737 points)

    Some of the advice you've gotten is not quite accurate.  This malware is capable of installing itself as a "drive-by download"...  ie, you visit the wrong website (or one that has been compromised), you get infected.  That, to me, would be adequate to classify it as a virus, not a trojan.  (Though the malware is missing the "self-replication" aspect of a virus, so it's not really a virus either.)

     

    To protect yourself, turn off Java in your web browser and install any Java-related updates in Software Update.  If you think you may be infected, there are numerous guides online that will tell you how to detect it, but it may be easier to just install some AV software.  ClamXav and Sophos Anti-Virus for Mac Home Edition are both free and excellent tools for this purpose.  You would not necessarily have to keep the software installed after scanning.

     

    For more information about this and other threats, see my Mac Malware Guide.

     

    (Note that my pages contain links to other pages that promote my services, and this should not be taken as an endorsement of my services by Apple.)