Apple delivers Flashback malware hunter-killer
Third Java update in 9 days arrives as Apple scrambles to protect Mac users
Computerworld - Two days after Apple promised to decontaminate Macs infested with the Flashback malware, on Thursday the company delivered.
Yesterday's newest Mac OS X Java update includes a tool that will "remove the most common variants of the Flashback malware," Apple's advisory read.
On Tuesday, Apple for the first time acknowledged the Flashback malware campaign that exploited a Java vulnerability to infect hundreds of thousands of Macs. At the same time, Apple pledged to craft a detect-and-delete tool that would scrub compromised machines of the attack code.
Apple easily bested the time it took last year to come up with a similar tool, one designed to eliminate MacDefender fake security software. Apple released the promised anti-MacDefender tool a week after it announced those plans.
Thursday's update also disables automatic execution of Java applets in the Java browser plug-in; the exploit used by Flashback to infect Macs was hidden inside a malicious Java applet hosted on compromised websites.
One of the reasons Flashback was able to infect so many Macs was because the Java plug-in automatically ran the offered applet. Apple's move is a step toward disabling Java, the advice most security experts have suggested to users.
Users can circumvent Java's new off-by-default setting by configuring Java's preferences. But even then, Apple will intercede.
"As a security hardening measure, the Java browser plug-in and Java Web Start are deactivated if they are unused for 35 days," Apple said.
Java Web Start is an Oracle technology that lets users single-click launch a Java app from within a browser without first downloading it to the machine.
Java has an increasingly tenuous link to Mac OS X: Last July, Apple dropped Java from OS X 10.7, aka Lion, although it continues to issue Java patches for both Lion and Snow Leopard, or OS X 10.6.
In related news, Kaspersky Lab, one of the antivirus companies actively analyzing Flashback, pulled its free malware removal tool after reports that the utility was wiping some user settings.
Kaspersky launched the Flashback Removal Tool on Monday.
Also on Thursday, Symantec issued its own free detect-delete tool, posting a download link on a page touting its Mac-specific antivirus program, Norton Antivirus 12 for Mac.
Apple's latest Java update can be download from Apple's website for Snow Leopard or Lion: They weigh in at 80MB and 67MB, respectively. Mac OS X users with Java installed will be automatically alerted by Software Update.
Users running Leopard (OS X 10.5) or earlier must manually disable or remove Java from their Macs, as Apple no longer supports those older editions. That user pool is large: About one-in-six Macs are powered by an unsupported version of OS X.
Gregg Keizer covers Microsoft, security issues, Apple, Web browsers and general technology breaking news for Computerworld. Follow Gregg on Twitter at @gkeizer, on Google+ or subscribe to Gregg's RSS feed . His email address is firstname.lastname@example.org.
- Even rivals are waiting for Apple to get into wearables
- Apple preps final non-security Mavericks update
- New Yosemite dev preview may herald public beta update later this week
- iPhone 5C's China bust raises questions about Apple's pricing for '14 models
- Mac sales so far in '14 may signal share push
- China scrubs Apple's iPad and MacBooks from government buying list
- Circle the date: Apple's iPhone 6 event slated for Sept. 9
- Stable Mac prices fuel reliable profit engine
- Apple unveils minor bumps to MacBook Pro laptops
- Feds arrest Florida man who allegedly conned Apple out of $309K
Read more about Malware and Vulnerabilities in Computerworld's Malware and Vulnerabilities Topic Center.
- Deep Security +VMware vSphere with Operations Management Most midsize organizations are highly virtualized on VMware, and while this has produced significant savings, it also has created new challenges when it...
- 3 Questions to Ask Your DNS Host about Lowering DDoS Risks Neustar has had wide-ranging conversations with clients wanting to know how they can optimize protection as DDoS attacks increase in frequency and size.
- The Danger Deepens: 2014 Neustar Annual DDoS Attacks and Impact Report This report compares DDoS findings from 2013 to 2012, based on a survey of 440 North American companies, including 139 businesses delivering technology...
- DDoS Infographic: How Are Attacks Evolving? For the third consecutive year, Neustar surveyed businesses across major industries to track the evolution of DDoS attacks. Are they more frequent? Larger?...
- How to Use Crowd-Sourced Threat Intelligence to Stop Malware in its Tracks Threat sharing networks have been around for a long time, however they have typically been "invitation-only", available to only large companies, or those...
- An Incident Response Playbook: From Monitoring to Operations As cyber-attacks grow more sophisticated, many organizations are investing more into incident detection and response capabilities. In this webcast, learn how to develop... All Malware and Vulnerabilities White Papers | Webcasts