Looks like no one’s replied in a while. To start the conversation again, simply ask a new question.

os x update

My automatic updates installed the os x update 8 and I installed same update as I was in panic mode with the whole flashback issue, so now it's listed twice in update history. Question is, is this update installed twice? First update lists version 8, manual update doesnt give version just says update 8.

Posted on Apr 15, 2012 11:51 AM

Reply
Question marked as Best reply

Posted on Apr 15, 2012 11:56 AM

Release 8 for Snow Leopard should remove malware variants known at the time of its release and install a new version of Java that will block future infections from the known variants of the malware.


Installing it twice doesn't affect you adversely.

9 replies

Apr 15, 2012 12:22 PM in response to Niel

But the second update I did doesnt list the version....I know Im paranoid but the first automatic update found the flashback and of course removed it and installed the java update which lists the version 8. I just want to be sure I didn't overrite the first update. I know I sound paranoid...thanks for your help!

Apr 15, 2012 12:36 PM in response to Grant Bennet-Alder

Thursday news:

According to Apple, the new tool removes "the most common variants" of the malware, as well as turning off automatic execution of Java applets on Web pages.

The most recent update from Apple is in essence a removal tool that rides along with a Java update, and the company said that the fix also changes the way that OS X handles Java applets.

: As a security hardening measure, the Java browser plugin and Java Web Start are deactivated if they are unused for 35 days. Installing this update will automatically deactivate the Java browser plugin and Java Web Start. Users may re-enable Java if they encounter Java applets on a web page or Java Web Start applications. Further information is available at http://support.apple.com/kb/HT5242


Apple has posted a Flashback malware removal tool, available for Macs running Mac OS X 10.7.3 that do not have Java installed.

Thursday's update also disables automatic execution of Java applets in the Java browser plug-in; the exploit used by Flashback to infect Macs was hidden inside a malicious Java applet hosted on compromised websites.

"Users may re-enable automatic execution of Java applets using the Java Preferences application. If the Java web plug-in detects that no applets have been run for an extended period of time it will again disable Java applets."

When it comes to being targeted by drive-by-downloads and exploits - for which there is no patch - this is a problem that PC users have had for years. Honestly, there is little that end users can do about it.

... as Andrew Jaquith put it in a May 2011SecurityWeekColumn, “don’t panic over the latest malware story.”

Dealing with security on a Mac can come down to a few basics. Stick to common sense security, such as avoiding risky Web behavior, patching regularly, maintaining backups, and using password management tools. Attacks such as Flashback are bad, of that there is no doubt, but they’re also rare. Remember Flashback was the first of its kind for Mac.


April 14, 2012:

New targeted Mac OS X Trojan requires no user interaction

By Emil Protalinski | April 14, 2012, 12:44pm PDT (Saturday)

Summary: A new Mac OS X Trojan referred to as Backdoor.OSX.SabPub.a or SX/Sabpab-A is also exploiting Java vulnerabilities in a way that requires no user interaction. It is being used in targeted attacks.

Another Mac OS X Trojan has been spotted in the wild; this one exploits Java vulnerabilities just like the Flashback Trojan. Also just like Flashback, this new Trojan requires no user interaction to infect your Apple Mac. Kasperskyrefers to it as “Backdoor.OSX.SabPub.a” whileSophos calls it at “SX/Sabpab-A.”

Apr 16, 2012 11:16 AM in response to The hatter

The hatter wrote:


April 14, 2012:

New targeted Mac OS X Trojan requires no user interaction

By Emil Protalinski | April 14, 2012, 12:44pm PDT (Saturday)

Summary: A new Mac OS X Trojan referred to as Backdoor.OSX.SabPub.a or SX/Sabpab-A is also exploiting Java vulnerabilities in a way that requires no user interaction. It is being used in targeted attacks.

Another Mac OS X Trojan has been spotted in the wild; this one exploits Java vulnerabilities just like the Flashback Trojan. Also just like Flashback, this new Trojan requires no user interaction to infect your Apple Mac. Kasperskyrefers to it as “Backdoor.OSX.SabPub.a” whileSophos calls it at “SX/Sabpab-A.”

Kaspersky FUD! It's an MS Word exploit, patched in June 2009 that has nothing to do with Java.


http://www.zdnet.com/blog/security/new-version-of-mac-os-x-trojan-exploits-word- not-java/11566

Apr 16, 2012 12:55 PM in response to The hatter

The hatter wrote:


I would not call it FUD. Take your issues to Cnet then. Go post your complaint on Kaspersky's board.

Sorry, I should have specified Kaspersky FUD, and I have posted to their board before (concerning their Flashback Tool that took down so many users) and never received a reply.

I picked up from Cnet/MacFixit and the messenger . So take it up with the news site.

I thought the source of your post was ZDNet, who did post the corrected article I referenced. I'll have to see what c|net has to say today.

Apr 19, 2012 12:39 AM in response to The hatter

@hatter,


I finally heard back from Intego today (none of the other sites bothered) that there were two variants, the first was Word but the second was Java.


Then they posted another article which said a second Word variant has been found, for a total of three.


New SabPab Variant Uses Word Files to Infect Macs


F-Secure also confirmed that today.


More Mac Malware Exploiting Java

os x update

Welcome to Apple Support Community
A forum where Apple customers help each other with their products. Get started with your Apple ID.