How can I tell if a security update is genuine?

If that notification came via Software Update it is from Apple and genuine - in fact very important.

If you received them by other means, please say how.

You can get them direct & even check the SHA1 hash...

http://support.apple.com/kb/DL1533

http://support.apple.com/kb/HT5273

Glad we could help.

Here's the whole reson Java was disabled...

Disable Java in your Browser settings, not JavaScript.

http://support.apple.com/kb/HT5241?viewlocale=en_US

http://support.google.com/chrome/bin/answer.py?hl=en-GB&answer=142064

http://support.mozilla.org/en-US/kb/How%20to%20turn%20off%20Java%20applets

Flashback - Detect and remove the uprising Mac OS X Trojan...

http://www.mac-and-i.net/2012/04/flashback-detect-and-remove-uprising.html

In order to avoid detection, the installer will first look for the presence of some antivirus tools and other utilities that might be present on a power user's system, which according to F-Secure include the following:

/Library/Little Snitch

/Developer/Applications/Xcode.app/Contents/MacOS/Xcode

/Applications/VirusBarrier X6.app

/Applications/iAntiVirus/iAntiVirus.app

/Applications/avast!.app

/Applications/ClamXav.app

/Applications/HTTPScoop.app

/Applications/Packet Peeper.app

If these tools are found, then the malware deletes itself in an attempt to prevent detection by those who have the means and capability to do so. Many malware programs use this behavior, as was seen in others such as the Tsunami malware bot.

http://reviews.cnet.com/8301-13727_7-57410096-263/how-to-remove-the-flashback-ma lware-from-os-x/

http://x704.net/bbs/viewtopic.php?f=8&t=5844&p=70660#p70660

The most current flashback removal instructions are F-Secure's Trojan-Downloader:OSX/Flashback.K.

https://www.securelist.com/en/blog/208193454/Flashfake_Removal_Tool_and_online_c hecking_site

More bad news...

https://www.securelist.com/en/blog/208193467/SabPub_Mac_OS_X_Backdoor_Java_Explo its_Targeted_Attacks_and_Possible_APT_link

Removal for 10.5...

http://support.apple.com/kb/DL1534

http://www.adobe.com/shockwave/download/download.cgi?P1_Prod_Version=ShockwaveFl ash

You can check here what version of Flash player you actually have installed: http://kb2.adobe.com/cps/155/tn_15507.html

You can check here: http://www.adobe.com/products/flash/about/ to see which version you should install for your Mac and OS.

You should first uninstall any previous version of Flash Player, using the uninstaller from here (make sure you use the correct one!):

http://kb2.adobe.com/cps/909/cpsid_90906.html

and also that you follow the instructions closely, such as closing ALL applications first before installing. You must also carry out a permission repair after installing anything from Adobe.

klaus1 wrote: You must also carry out a permission repair after installing anything from Adobe.

FWIW, I used to do this because Adobe would definitely screw around with Permissions, but haven't found this to be true any longer. Out of habit and curiosity, I've kept on repairing Permissions after each Adbobe update for the past several years, but haven't found any of the Adobe updates -- Flash Player or Reader -- changed a thing. But could be this older Leopard Flash Player update still does. Don't know for certain, although I doubt it.

Over maybe four or five years, I've also never found it necessary to uninstall Flash Player first. Never had a problem with that. The older one just gets overwritten.

Over maybe four or five years, I've also never found it necessary to uninstall Flash Player first. Never had a problem with that. The older one just gets overwritten.

That's the advice on Adobe's website.

I know that and can't explain why they recommend it. The Installer is obliviously set to overwrite the existing plugin. Seems pointless, except for doing troubleshooting when there are problems.

Actually, now that I search for that, I can't find anything from Adobe that states that under ordinary conditions uninstalling routinely is necessary. The only items I find are to uninstall in cases where there are problems.

E.g.

Problem

Flash Player installation was not successful.

http://helpx.adobe.com/flash-player/kb/uninstall-flash-player-mac-os.html

Perhaps you can point to something from Adobe that recommends routinely uninstalling before updating.

I think Adobe changed that sometime in the last decade or so, and likely it isn't needed often, the reason for doing so would be newer versions not being aware of some files/locations of older installs.

I think installing without installing would work 99.99% of the time, so that would likely only leave a few tens of thousands of unhappy people. 😉

I think installing without installing would work 99.99% of the time, so that would likely only leave a few tens of thousands of unhappy people.

Let those few tens of thousands of unhappy people eat cake. 😉 Actually, that's when they can use that link I gave above and follow the directions to uninstall and reapply.

Yeah, I think it may be useful to uninstall first if making a really dramatic jump between versions.

WZZZ wrote:

Over maybe four or five years, I've also never found it necessary to uninstall Flash Player first. Never had a problem with that. The older one just gets overwritten.

I think I've had at least two occasions when I found it necessary.

Randy Singer of MacAttorney and MacBible "fame" often recommends it to users who's browsers have suddenly slowed down as a first step, with confirmed success.

I do recall a time when Adobe recommended it, but perhaps they have stopped doing that now that they've made most of their older versions impossible to use. I note that they still distribute it with the download.

Ah, hmmmm, I wonder if that might be because some files do not get replaced if they already exist, whereas a munged one would get uninstalled, then the installer not seeing a particular file then writes a new one?