Apple delivers Flashback malware hunter-killer
Third Java update in 9 days arrives as Apple scrambles to protect Mac users
Computerworld - Two days after Apple promised to decontaminate Macs infested with the Flashback malware, on Thursday the company delivered.
Yesterday's newest Mac OS X Java update includes a tool that will "remove the most common variants of the Flashback malware," Apple's advisory read.
On Tuesday, Apple for the first time acknowledged the Flashback malware campaign that exploited a Java vulnerability to infect hundreds of thousands of Macs. At the same time, Apple pledged to craft a detect-and-delete tool that would scrub compromised machines of the attack code.
Apple easily bested the time it took last year to come up with a similar tool, one designed to eliminate MacDefender fake security software. Apple released the promised anti-MacDefender tool a week after it announced those plans.
Thursday's update also disables automatic execution of Java applets in the Java browser plug-in; the exploit used by Flashback to infect Macs was hidden inside a malicious Java applet hosted on compromised websites.
One of the reasons Flashback was able to infect so many Macs was because the Java plug-in automatically ran the offered applet. Apple's move is a step toward disabling Java, the advice most security experts have suggested to users.
Users can circumvent Java's new off-by-default setting by configuring Java's preferences. But even then, Apple will intercede.
"As a security hardening measure, the Java browser plug-in and Java Web Start are deactivated if they are unused for 35 days," Apple said.
Java Web Start is an Oracle technology that lets users single-click launch a Java app from within a browser without first downloading it to the machine.
Java has an increasingly tenuous link to Mac OS X: Last July, Apple dropped Java from OS X 10.7, aka Lion, although it continues to issue Java patches for both Lion and Snow Leopard, or OS X 10.6.
In related news, Kaspersky Lab, one of the antivirus companies actively analyzing Flashback, pulled its free malware removal tool after reports that the utility was wiping some user settings.
Kaspersky launched the Flashback Removal Tool on Monday.
Also on Thursday, Symantec issued its own free detect-delete tool, posting a download link on a page touting its Mac-specific antivirus program, Norton Antivirus 12 for Mac.
Apple's latest Java update can be download from Apple's website for Snow Leopard or Lion: They weigh in at 80MB and 67MB, respectively. Mac OS X users with Java installed will be automatically alerted by Software Update.
Users running Leopard (OS X 10.5) or earlier must manually disable or remove Java from their Macs, as Apple no longer supports those older editions. That user pool is large: About one-in-six Macs are powered by an unsupported version of OS X.
Gregg Keizer covers Microsoft, security issues, Apple, Web browsers and general technology breaking news for Computerworld. Follow Gregg on Twitter at @gkeizer, on Google+ or subscribe to Gregg's RSS feed . His email address is email@example.com.
- Apple hands stock worth $12.1M to top execs in retention deal
- Hands on: Apple's Mac Pro is the fastest Mac ever
- Apple CFO to retire in September after he cashes in $53M stock award
- Apple's CarPlay to spark mobile apps war in your car
- Apple retires Snow Leopard from support, leaves 1 in 5 Macs vulnerable to attacks
- Apple patches critical 'gotofail' bug with Mavericks update
- Why Apple needs a $700 MacBook Air
- Apple takes top spot in brand value computation
- Apple gets a patent for health-monitoring ear buds
- Apple shifts to hardware-first TV strategy with revamped set-top box
Read more about Malware and Vulnerabilities in Computerworld's Malware and Vulnerabilities Topic Center.
- Best iPhone, iPad Business Apps for 2014
- 14 Tech Conventions You Should Attend in 2014
- 10 Desktop Apps to Power Your Windows PC
- How to Add New Job Skills Without Going Back to School
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- The Threat Landscape Hardly a day goes by without the discovery of a new cyberthreat somewhere in the world! But how do you keep up with...
- Security for Virtualization In the rush to implement virtualization, security has become second. So while the business benefits are clear, the risks are less well documented...
Red Hat Enterprise Linux - The Original Cloud Operating System
Linux adoption is growing against a number of measures, such as the
number of supercomputers that run Linux and the size of the contributing...
- OpenStack Hype vs. Reality: CIO Quick Pulse Open-source architecture can enable IT departments to build infrastructure-as-a-service (IaaS) clouds running on standard hardware.
- Webinar: Building a Big Data solution that's production-ready Big data solutions are no longer just a nice-to-have.
- Meg Whitman presents Unlocking IT with Big Data During this Web Event you will hear Meg Whitman, President and CEO, HP discuss HAVEn - the #1 Big Data platform, as well... All Malware and Vulnerabilities White Papers | Webcasts