Looks like no one’s replied in a while. To start the conversation again, simply ask a new question.

User profile for user: sperry1975
sperry1975 Author
User level: Level 1
35 points

Is Mountain Lion automatically protected against this malware?

I had a backup made to an external drive in Lion before I got rid of my last macbook pro so that I could then use the time machine feature to restore my data back to a new mac. Now that I have a new mac with Mountain Lion installed by default I'm wondering if this malware flashback might have been on my backup and got transfered over to my new system. Is this possible? If so then how do I get rid of it? Does Apple offer any tools?

MacBook Pro with Retina display, OS X Mountain Lion (10.8.1)

Posted on Aug 28, 2012 1:43 AM

Reply
Question marked as Best reply
User profile for user: mende1
mende1
User level: Level 10
93,538 points

Posted on Aug 28, 2012 1:47 AM

If the computer had that, it will be moved to the computer. http://support.apple.com/kb/DL1517

View in context
6 replies
User profile for user: thomas_r.
thomas_r.
User level: Level 7
31,989 points

Aug 28, 2012 12:55 PM in response to sperry1975

Technically, getting rid of Flashback (if you actually have it) is a little more complicated. The Flashback removal update that mende1 recommended is only applicable to people who are running Lion and do not have Java installed. If you do have Java installed, there is a different update that you will need. And these updates cannot be installed more than once... if you have already installed either, you should be Flashback-free, with security tightened down to prevent future infections (of which there probably won't be any, as Flashback hasn't infected any new machines in months).


For more information, see About the Flashback malware.

Reply
User profile for user: MadMacs0
MadMacs0
User level: Level 5
5,221 points

Aug 28, 2012 7:57 PM in response to thomas_r.

I think the OP may have a point here. It sounds like there wasn't a very big gap between his old an new computer, but say it was six months or so, before most users had even heard of Flashback. He could have migrated components of it very easily since most were contained in his user directory.


I had a discussion with a similar user a few days ago and he went to the trouble of running all the Flashback and MacDefender removal tools (that he had saved) on his new Mountain Lion Mac and they all seemed to run. I don't know enough about the directory structure of Mountain Lion to know whether any of them would have been effective or not, so I think there could be a very slim chance that an infection can be migrated. The XProtect system only looks for installers and GateKeeper watches Applications. It would appear that the MRT's look for installed components as do many third party general A-V apps and Flashback removal tools.

Reply
User profile for user: thomas_r.
thomas_r.
User level: Level 7
31,989 points

Aug 29, 2012 3:47 AM in response to MadMacs0

I think I missed the fact that the data was restored to a ML system, which does complicate things. Those third-party tools should all work just fine in Mountain Lion, at least as far as the directory structure goes. Not that much has changed. But the Apple-provided updates definitely wouldn't work, as they're for Lion and shouldn't even install on Mountain Lion.

Reply

Is Mountain Lion automatically protected against this malware?

Welcome to Apple Support Community
A forum where Apple customers help each other with their products. Get started with your Apple ID.
Learn more Sign up