Apple patch to purge Flashback infections

Powered by SC Magazine
 

Disables Java by default.

Apple has released a Java patch that comes with a detection and removal capability for the most common strains of the prolific Flashback trojan.

The update, for Mac OS X 10.7 (Lion) and 10.6 (Snow Leopard), will kill the malware, which is capable of stealing data and hijacking search traffic, among other malicious actions.

At its peak, Flashback contaminated some 650,000 machines worldwide, according to experts.

The fix from Apple also disables the automatic execution of Java applets, which are most commonly used by the average user to play games and view certain images on websites.

Individuals who want Java to automatically run can adjust their settings by visiting the software's "Preferences" application. 

Lion users must make use of Java within 35 days, or it will automatically switch off again.

Security experts supported the inclusion of that capability, believing it to be important considering many computer users run unneeded and out-of-date third-party software, which is then commonly used to exploit their machines.

Mikko Hypponen, chief research officer of anti-malware provider F-Secure, tweeted on  Friday: "I like the idea of Safari disabling the Java plug-in if unused for 35 days. Next, we need to do the same on all browsers. For all plug-ins."

Ian Melven, a senior security engineer at Mozilla, responded in a tweet that he and his team are working on similar features for the Firefox browser.

Meanwhile, on Friday, security firm Symantec said it has discovered a trojan that is taking advantage of the same (now-patched) vulnerability in Java that Flashback used to spread.

Known as "Sabpab," the "very low" risk trojan, when installed on a machine, opens a back door that can enable a remote attacker to create new processes, download files, take screenshots or install additional malware.

This article originally appeared at scmagazineus.com

Copyright © SC Magazine, US edition


Apple patch to purge Flashback infections
 
 
 
Top Stories
Beyond ACORN: Cracking the infosec skills nut
[Blog post] Could the Government's cybercrime focus be a catalyst for change?
 
The iTnews Benchmark Awards
Meet the best of the best.
 
Telstra hands over copper, HFC in new $11bn NBN deal
Value of 2011 deal remains intact.
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest Comments
Polls
Who do you trust most to protect your private data?







   |   View results
Your bank
  38%
 
Your insurance company
  4%
 
A technology company (Google, Facebook et al)
  8%
 
Your telco, ISP or utility
  8%
 
A retailer (Coles, Woolworths et al)
  3%
 
A Federal Government agency (ATO, Centrelink etc)
  19%
 
An Australian law enforcement agency (AFP, ASIO et al)
  14%
 
A State Government agency (Health dept, etc)
  6%
TOTAL VOTES: 1871

Vote
Do you support the abolition of the Office of the Information Commissioner?