Looks like no one’s replied in a while. To start the conversation again, simply ask a new question.

Are macs vulnerable to Yahoo exploit kit?

The following report showed up on CNN today:


A malware attack hit Yahoo's advertising server over the last few days, affecting thousands of users in various countries, an Internet security firm said.

In a blog post, Fox-IT said Yahoo's servers were releasing an "exploit kit" that exploits vulnerabilities in java and installed malware.

"Clients visiting yahoo.com received advertisements served by ads.yahoo.com," the internet security firm said. "Some of the advertisements are malicious."

Fox-IT, which is based in the Netherlands, focuses on cyber defense


I ask this because an odd page came up (for AliExpress, an online retailer) yesterday when I clicked on a bookmark to a legitimate news site.

I have OSX Mountain Lion 10.8.5.

Thanks for any info.

iMac, OS X Mountain Lion (10.8.3)

Posted on Jan 5, 2014 1:30 PM

Reply
Question marked as Best reply

Posted on Jan 5, 2014 1:53 PM

The later Mac OS X versions started shipping with Java turned off or not installed, by default, so now you have to determine if your OS version was one of those. Since all my Macs are antique, that is something I have no direct experience with.


You could get a software to see what is in your Mac (java, among others) and the status of that. Here is something I'd heard about; it is too new for my computers & don't know if it costs: http://www.etresoft.com/ And in an older Mac I could easily see what kinds of applications are in the Mac via System Profiler, list of applications.


Several newer or third party browsers offer a version where Java was turned off, as was Flash plugin. I have some of these since Safari was not current to my older OS X.


Good luck & happy computing! 🙂

25 replies
Question marked as Best reply

Jan 5, 2014 1:53 PM in response to Lourufmom

The later Mac OS X versions started shipping with Java turned off or not installed, by default, so now you have to determine if your OS version was one of those. Since all my Macs are antique, that is something I have no direct experience with.


You could get a software to see what is in your Mac (java, among others) and the status of that. Here is something I'd heard about; it is too new for my computers & don't know if it costs: http://www.etresoft.com/ And in an older Mac I could easily see what kinds of applications are in the Mac via System Profiler, list of applications.


Several newer or third party browsers offer a version where Java was turned off, as was Flash plugin. I have some of these since Safari was not current to my older OS X.


Good luck & happy computing! 🙂

Jan 5, 2014 2:35 PM in response to Lourufmom

Advertisements can be loaded into almost any non-secure connection when viewing content from pages of your choice, so pop-up/pop-under ads can appear even if you visit your 'local newspaper' online if an ad server is set to do it. And you don't/can't block the ads.


Java: a product, an application...

and a page with their take on it:

http://www.java.com/en/about/


As was stated, javascript is not the same thing. You use javascripts a lot and don't see the technology in your Mac. In another world some called that something else. It was kinda like 'running a macro' in windows. And you can write your own to automate stuff in your computer; write a macro to have the computer do things. Like an application to turn off your lights, or perform repetitive tasks without doing everything over and over, etc.


The path to see applications-in-system profiler should still be similar to what I posted earlier, even in Mavericks. Not all references to Java (esp in older Macs) would mean Java is running; but Etresoft should show if its there. Adobe does not make Java, and the exploits or other weakness there was not related to Java. It was related to Flash player plugins and how they were used in web page content, delivery etc.


Hopefully this helps.

Good luck & happy computing! 🙂

Jan 5, 2014 2:34 PM in response to Lourufmom

Is there a way I can find out if Java is on my computer?

Simple. Just open Terminal in Utilities and copy/paste in, then hit Return.


java -version


Since I have Java disabled in Java Prefernces.app, I get


Unable to locate a Java Runtime to invoke.


But Reader and Flash, even though they aren't run through Java, are known to be constantly exploited by malware. You should make sure you keep both updated.

Jan 5, 2014 3:08 PM in response to WZZZ

Etresoft is indeed free. Here is the report I received. It shows that "Java Applet Plug-in Version" is outdated and urges me to update. This is also the response when I clicked on the red button at the link from Csound1 (it said it couldn't determine if I have Java.) I never received a message to update. Should I do this now?


Hardware Information:

iMac (21.5-inch, Late 2012)

iMac - model: iMac13,1

1 2.7 GHz Intel Core i5 CPU: 4 cores

8 GB RAM


Video Information:

NVIDIA GeForce GT 640M - VRAM: 512 MB


System Software:

OS X 10.8.5 (12F45) - Uptime: 0 days 8:4:49


Disk Information:

APPLE HDD HTS541010A9E662 disk0 : (1 TB)

disk0s1 (disk0s1) <not mounted>: 209.7 MB

Macintosh HD (disk0s2) /: 999.35 GB (932.86 GB free)

Recovery HD (disk0s3) <not mounted>: 650 MB


USB Information:

Seagate Backup+ Desk Mac 2 TB

disk1s1 (disk1s1) <not mounted>: 209.7 MB

Seagate Backup Plus Drive (disk1s2) /Volumes/Seagate Backup Plus Drive: 2 TB (1.93 TB free)




Apple Inc. FaceTime HD Camera (Built-in)


Apple Inc. MacBook Air SuperDrive


Apple Inc. BRCM20702 Hub

Apple Inc. Bluetooth USB Host Controller


FireWire Information:


Thunderbolt Information:

Apple Inc. thunderbolt_bus


Kernel Extensions:


Problem System Launch Daemons:


Problem System Launch Agents:


Launch Daemons:

[loaded] com.adobe.fpsaud.plist 3rd-Party support link


Launch Agents:


User Launch Agents:

[loaded] com.adobe.ARM.[...].plist 3rd-Party support link


User Login Items:

iTunesHelper

AdobeResourceSynchronizer


Internet Plug-ins:

FlashPlayer-10.6: Version: 11.9.900.170 - SDK 10.6 3rd-Party support link

QuickTime Plugin: Version: 7.7.1

AdobePDFViewerNPAPI: Version: 11.0.04 - SDK 10.6 3rd-Party support link

AdobePDFViewer: Version: 11.0.04 - SDK 10.6 3rd-Party support link

CANONiMAGEGATEWAYDL: Version: 3.1.0.2 3rd-Party support link

Flash Player: Version: 11.9.900.170 - SDK 10.6 3rd-Party support link

JavaAppletPlugin: Version: 14.3.0 - SDK 10.8 Outdated! Update


Audio Plug-ins:

AirPlay: Version: 1.7 - SDK 10.8

iSightAudio: Version: 7.7.1 - SDK 10.8


3rd Party Preference Panes:

Flash Player 3rd-Party support link


Bad Fonts:

None


Old Applications:

None


Time Machine:

Skip System Files: NO

Auto backup: YES

Volumes being backed up:

Macintosh HD: Disk size: 930.71 GB Disk used: 61.92 GB

Destinations:

Seagate Backup Plus Drive [Local] (Last used)

Total size: 2

Total number of backups: 60

Oldest backup: 2013-06-10 18:03:47 +0000

Last backup: 2014-01-05 22:33:10 +0000

Size of backup disk: Adequate

Backup size 2 > (Disk used 61.92 GB X 3)

Time Machine details may not be accurate.

All volumes being backed up may not be listed.


Top Processes by CPU:

4% Finder

2% WindowServer

1% EtreCheck

0% mds

0% coreservicesd


Top Processes by Memory:

352 MB iTunes

106 MB Safari

106 MB WebProcess

90 MB WindowServer

82 MB mds


Virtual Memory Information:

5.25 GB Free RAM

1.24 GB Active RAM

462 MB Inactive RAM

1.05 GB Wired RAM

386 MB Page-ins

0 B Page-outs

Jan 5, 2014 3:53 PM in response to Csound1

Csound1 wrote:


Then you have no functional copy of Java installed

I don't agree. That check will only reveal Java SE 6 or the JDK version of Java SE 7. According to the EtreCheck he has a very old Java plugin (14.3.0) which is blocked by XProtect, so he won't be able to use it. Current version is 14.9.0.


For Java SE 7 he needs to check System Preferences->Java to see what he has.

Jan 5, 2014 3:56 PM in response to MadMacs0

MadMacs0 wrote:


Csound1 wrote:


Then you have no functional copy of Java installed

I don't agree. That check will only reveal Java SE 6 or the JDK version of Java SE 7. According to the EtreCheck he has a very old Java plugin (14.3.0) which is blocked by XProtect, so he won't be able to use it. Current version is 14.9.0.

That is why I said that it was not functional

Jan 5, 2014 4:04 PM in response to Lourufmom

Is there a way I can find out if Java is on my computer?

There are two different Java distributions for the Mac: one distributed by Apple, and one by Oracle. They don't overlap in function.

The Apple Java runtime (version 6) is needed to run bare jar files and older standalone Java applications. Newer Java applications have the Java runtime built in, and don't depend on Apple's Java.

The Oracle Java runtime (version 7) is a web plugin only. It's used to run Java applets on web pages and Java WebStart applications. This is the one relevant to your concern. You can determine whether it's installed and up to date by looking for a preference pane named Java in System Preferences.

Are macs vulnerable to Yahoo exploit kit?

Welcome to Apple Support Community
A forum where Apple customers help each other with their products. Get started with your Apple ID.