Archive for the ‘automatic execution’ tag
Apple on Tuesday released two Java updates for OS X 10.7 Lion and OS X 10.6 Snow Leopard which mimic the functionality of a recent Safari update that disables the automatic execution of Java applets.
Apple has now released a tool that removes the Flashback Trojan from infected Mac computers, according to a security update posted to Apple.com on Thursday. The malicious software, which some have casually referred to as the “Mac virus,” (even though, yes, we know, a trojan is not a virus), had previously infected some 650,000 Mac laptops, making it one of the largest infections the Mac install base has ever seen.
The company had announced earlier in the week that it would deploy software to detect and remove the Flashback malware from users’ computers, which first began appearing on Mac computers back in September. It wasn’t until recently that the trojan, which created a botnet consisting of infected Macs, returned with a vengeance. By early April, security firms were reporting that as many as half a million Macs could be infected and the number was growing still.
To address the malware, which was exploiting a security flaw in Java in order to install itself on Macs, Apple had been releasing Java updates through its Software Update feature. Apple had been advising users to disable Java in their browser to better protect themselves from attack.
With the new removal tool, Apple is now able to disable Java applets by default (on some versions of OS X) and can now remove the Flashback Trojan from infected Macs.
This Java security update removes the most common variants of the Flashback malware.
This update also configures the Java web plug-in to disable the automatic execution of Java applets. Users may re-enable automatic execution of Java applets using the Java Preferences application. If the Java web plug-in detects that no applets have been run for an extended period of time it will again disable Java applets.
Java for OS X Lion 2012-003 delivers Java SE 6 version 1.6.0_31 and supersedes all previous versions of Java for OS X Lion.
This update is recommended for all Mac users with Java installed.
As you may notice, the above tool is only available for OS X Lion. Snow Leopard users are pointed to another removal tool here, but this one is unable to automatically disable Java in the browser. That will still need to be done manually.
Both updates, however, ship with the patched version of Java which was released via the Java security updates that went out earlier in the week.
Hot on the heels of the antivirus firms targeting Flashback, Apple has released another Java update meant to identify and remove any infections of the malware. The company posted the update on Thursday afternoon both to its website and Software Update, making it the third Java update released by the company in just over a week.
“This Java security update removes the most common variants of the Flashback malware,” Apple wrote in the support document for the update. “This update also configures the Java web plug-in to disable the automatic execution of Java applets. Users may re-enable automatic execution of Java applets using the Java Preferences application. If the Java web plug-in detects that no applets have been run for an extended period of time it will again disable Java applets.”
Thursday’s update is essentially the same version of Java released by Apple last week, but with a Flashback removal tool and a preference to control whether Java applets can run automatically or not. At this point in the game, it seems that most Mac users reading Ars probably already identified any infections and removed them, but Apple’s latest update will undoubtedly cover users who are either still unaware of the infection or unsure of what to do about it.