User profile for user: metapunk
metapunk Author
User level: Level 1
15 points

Java applet problems February 2013

I uploaded the most recent OSX update (13) along with the latest version of Safari on February 21, 2013. I originally downloaded the update from the Apple.com support area but when I ran it it said that it was only for 10.7 and above, despite what was written on the page where it was downloaded. The latest update disables the Java applet that is causing this recent problem with Macs. I had to use a bulk uploader on the same date so I enabled the Java applet to do so, and I think something happened, but I'm not sure how or what. I found a series of files in my Library which I had not installed. They were from a site called filmon.com and the reason I noticed it is because when I was on the YouTube home page, it automatically redirected to a streaming video on filmon.com. The files (sol) and folders had the same date, February 21, 2013. They were in the flash player area of the Library.


Something else happened on YouTube also. While I was uploading files via Safari I was using Firefox to get a link to one of my videos and a Windows dialogue box popped up when I hit the Share button on the video. It said something like, "You should clean your desktop of trash." along with an OK and cancel button. The cancel was on the left, OK on the right. It was all gray with standard simple lettering. I hit cancel.

So yesterday, I ran MacScan and there were 7 tracking cookies, but no viruses or anything else out of the ordinary. I deleted the cookies, went into Safari and Firefox and deleted those cookies.


Is there anything else I can do? Am I screwed here, or is there some remedy if I have exposed my computer to whatever is going on at the moment?



http://support.apple.com/kb/DL1572?viewlocale=en_US&locale=en_US

Apple Update page.

MacBook Pro, Mac OS X (10.6.8)

Posted on Feb 24, 2013 6:44 AM

Reply
9 replies
User profile for user: Klaus1
Klaus1
User level: Level 9
52,915 points

Feb 24, 2013 8:59 AM in response to metapunk

You can avoid tracking cookies by installing Ghostery, and pop-ups by installing GlimmerBlocker.


As for Java, just to recapitulate:



Apple barred Java from running on Macs, leaving companies that rely on Java plug-ins out in the cold.

Apple blocked Java 7 Update 11 by adding it to the banned list in XProtect.

This was the second time in two weeks that Apple has blocked Oracle's code from running on Macs. This time Java is blocked through Apple's XProtect anti-malware feature.

Java has come under fire as the means by which hackers have been able to gain control of computers. In April 2012 more than 600,000 Macs were reported to have been infected with a Flashback Trojan horse that was being installed on people's computers with the help of Java exploits. Then in August Macs were again at risk due to a flaw in Java, this time around, there was good news for Mac users: Thanks to changes Apple has made, most of us were safe from the threat.


Unwilling to leave its customers open to potential threats Apple decided it's safer to block Java entirely.

Macs running OS X Snow Leopard and beyond are affected.


UPDATE for those running Lion or Mountain Lion:

Oracle on Friday February 1 released a new version reportedly addressing vulnerabilities seen with the last build.

Apple disabled Java 7 through the OS X XProtect anti-malware system, requiring users to have at least version "1.7.0_10-b19" installed on their Macs. The release dated February 1 carries the designation "1.7.0_13-b20," meeting Apple's requirements.


Oracle "strongly recommends" applying the CPU fixes as soon as possible, saying that the latest Critical Patch Update contains 50 new security fixes across all Jave SE products.


Update for Snow Leopard users:


Apple issued update 12 for Java for OS 10.6:


http://support.apple.com/kb/DL1573


Note: On systems that have not already installed Java for Mac OS X 10.6 update 9 or later, this update will configure web browsers to not automatically run Java applets. Java applets may be re-enabled by clicking the region labeled "Inactive plug-in" on a web page. If no applets have been run for an extended period of time, the Java web plug-in will deactivate.


Further update:


Apple issued this Java related security update No. 13 on February 19:


http://support.apple.com/kb/HT5666

Reply
User profile for user: Klaus1
Klaus1
User level: Level 9
52,915 points

Feb 28, 2013 2:51 PM in response to metapunk

It's the way Zeobit market their semi-malware MacKeeper: by using pop-ups all over the place.


MacKeeper has been described by various sources as highly invasive malware (a general term used by computer professionals to mean a variety of forms of hostile, intrusive, or annoying software) that can de-stablize your operating system, adding that it is unethically marketed, with a history of making false advertising claims, by a company called Zeobit and a rip-off.


For more details about Zeobit’s alledgedly fraudulent advertising and paid-for ‘reviews’, and their dubious marketing practises, read this:


http://stemmings.com/the-truth-about-mackeeper-scam/

Reply
User profile for user: thomas_r.
thomas_r.
User level: Level 7
32,071 points

Mar 1, 2013 6:35 AM in response to metapunk

What you're seeing is not an actual window, unless you've got some serious system appearance modifications in place. What that is is just some HTML elements, displayed and moved to a particular location on the page by JavaScript. For example, try clicking one of the images in the story in the following page on my web site:


http://www.thesafemac.com/variant-of-smssend-slips-past-xprotect/


Those aren't real windows that pop up when you click an image, just some fancy JavaScript, HTML and CSS coding.


Somewhere on the YouTube pages you're trying to view, there must be an advertisement that has such code embedded in it, and it's showing that "window" to try to scare you into installing MacKeeper. Typical Zeobit marketing scam.


What are some of the pages you're seeing this happen on? Or is it happening with every YouTube video?


Also, note that MacScan is pretty much worthless for anything useful. See:


http://www.thesafemac.com/macscan-disappoints/

Reply
User profile for user: WZZZ
WZZZ
User level: Level 6
13,238 points

Mar 1, 2013 7:03 AM in response to metapunk

If you get Firefox and install the Add-on AdBlock Plus (note: uncheck the default "Allow some non-intrusive advertisng" in filter preferences), you can selectively and permanently, if desired, block any image you want. However, with ABP, you won't need to do this in the first place, since it will remove almost all advertising, including the MacKeeper crap, everywhere for good. I have never seen a MacKeeper ad.

Reply

This thread has been closed by the system or the community team. You may vote for any posts you find helpful, or search the Community for additional answers.

Java applet problems February 2013

Welcome to Apple Support Community
A forum where Apple customers help each other with their products. Get started with your Apple Account.
Learn more Sign up