Reply
Web Page Expert
BethKatz
Posts: 6,143
Registered: ‎11-14-2006

Mac malware involving Java

[ Edited ]

Since I am one of the people who doesn't run special software to protect my Mac from infections, I note that we just ran Software Update to patch a vulnerability in Java.

 

This update won't be available if you do not have Java installed. You also wouldn't be exposed to this malware in that case.

 

Yes, there is a specific problem. Yes, Apple took a while to fix it.

 

Edit to add links now that I'm on my desktop rather than on my iPad:

 

See Apple knowledge base:

http://support.apple.com/kb/HT5228

 

Ars Technica has more details:

http://arstechnica.com/apple/news/2012/04/flashback-trojan-reportedly-controls-half-a-million-macs-a...

Web Page Expert
BethKatz
Posts: 6,143
Registered: ‎11-14-2006

Re: Mac malware involving Java

It's my understanding that there is a followup update to Java as well. 


Run Software Update  (Apple menu > Software Update) to update Java. 

 

Read this article that shows how you can tell if you are infected by reading default values from the Terminal. That's a read-only detection using the command-line terminal you already have on your computer:

   http://news.cnet.com/8301-27076_3-57410050-248/mac-flashback-malware-what-it-is-and-how-to-get-rid-o...



Networking Expert
Weil
Posts: 3,567
Registered: ‎07-04-2003

Re: Mac malware involving Java

Note: The second update is only for Lion and not for Snow Leopard.

sam

Mac Expert
Joel
Posts: 5,829
Registered: ‎12-01-2003

Re: Mac malware involving Java

It should be noted that there is yet another update for Java available from Software Update. This one disables the java browser plugin by default; also, if you manually re-enable it and go a while without using it, the plugin will again be automatically disabled. This behavior is probably Safari-specific.