Apple delivers Flashback malware hunter-killer
Third Java update in 9 days arrives as Apple scrambles to protect Mac users
Computerworld - Two days after Apple promised to decontaminate Macs infested with the Flashback malware, on Thursday the company delivered.
Yesterday's newest Mac OS X Java update includes a tool that will "remove the most common variants of the Flashback malware," Apple's advisory read.
On Tuesday, Apple for the first time acknowledged the Flashback malware campaign that exploited a Java vulnerability to infect hundreds of thousands of Macs. At the same time, Apple pledged to craft a detect-and-delete tool that would scrub compromised machines of the attack code.
Apple easily bested the time it took last year to come up with a similar tool, one designed to eliminate MacDefender fake security software. Apple released the promised anti-MacDefender tool a week after it announced those plans.
Thursday's update also disables automatic execution of Java applets in the Java browser plug-in; the exploit used by Flashback to infect Macs was hidden inside a malicious Java applet hosted on compromised websites.
One of the reasons Flashback was able to infect so many Macs was because the Java plug-in automatically ran the offered applet. Apple's move is a step toward disabling Java, the advice most security experts have suggested to users.
Users can circumvent Java's new off-by-default setting by configuring Java's preferences. But even then, Apple will intercede.
"As a security hardening measure, the Java browser plug-in and Java Web Start are deactivated if they are unused for 35 days," Apple said.
Java Web Start is an Oracle technology that lets users single-click launch a Java app from within a browser without first downloading it to the machine.
Java has an increasingly tenuous link to Mac OS X: Last July, Apple dropped Java from OS X 10.7, aka Lion, although it continues to issue Java patches for both Lion and Snow Leopard, or OS X 10.6.
In related news, Kaspersky Lab, one of the antivirus companies actively analyzing Flashback, pulled its free malware removal tool after reports that the utility was wiping some user settings.
Kaspersky launched the Flashback Removal Tool on Monday.
Also on Thursday, Symantec issued its own free detect-delete tool, posting a download link on a page touting its Mac-specific antivirus program, Norton Antivirus 12 for Mac.
Apple's latest Java update can be download from Apple's website for Snow Leopard or Lion: They weigh in at 80MB and 67MB, respectively. Mac OS X users with Java installed will be automatically alerted by Software Update.
Users running Leopard (OS X 10.5) or earlier must manually disable or remove Java from their Macs, as Apple no longer supports those older editions. That user pool is large: About one-in-six Macs are powered by an unsupported version of OS X.
Gregg Keizer covers Microsoft, security issues, Apple, Web browsers and general technology breaking news for Computerworld. Follow Gregg on Twitter at @gkeizer, on Google+ or subscribe to Gregg's RSS feed . His email address is email@example.com.
- The other Apple economy: $2B in devices on eBay
- Apple sends users scrambling for OS X Yosemite
- Long replacement cycle drags down iPad sales
- Apple unwraps OS X Yosemite public beta Thursday
- Apple grows Mac sales by 18% on the back of the MacBook Air
- Want an Apple watch? Just 3D print one
- What to listen for during Apple's earnings call today
- Mac sales will again outstrip industry average
- Apple, IBM spell out enterprise support for iPhone, iPad
- Timeline: How Apple's iOS gained enterprise cred
Read more about Malware and Vulnerabilities in Computerworld's Malware and Vulnerabilities Topic Center.
- Comprehensive Advanced Threat Defense The hot topic in the information security industry these days is "Advanced Threat Defense" (ATD). This paper describes a comprehensive, network-based approach to...
- Advanced Threat Defense: A Comprehensive Approach In this interview, Peter George, president, General Dynamics Fidelis Cybersecurity Solutions, explains why we need more than anti-malware, and what constitutes a comprehensive...
- Who's Spying on You? You're aware of the threats of malware to your business but what about the ever-changing ground rules? Cybercriminals today are launching attacks against...
- Enable secure remote access to 3D data without sacrificing visual perfomance Design and manufacturing companies must adapt quickly to the demands of an increasingly global and competitive economy. To speed time to market for...
- What should I look for in a Next Generation Firewall? SANS Provides Guidance With so many vendors claiming to have a Next Generation Firewall (NGFW), it can be difficult to tell what makes each one different....
- Why Are Customers Really Deploying an NGFW? It seems every IT Security expert is talking about the NGFW, but what are people really doing? This webcast covers 5 real-world customer... All Malware and Vulnerabilities White Papers | Webcasts