• Articles
    • Editorial Articles
    • Research Articles
    • WatchGuard Articles
  • The 443 Podcast
  • Threat Landscape
  • About
    • About Us
    • Contact Us
    • Contribute to Secplicity

Secplicity - Security Simplified

Powered by WatchGuard Technologies

Another OS X Java Update to Mitigate Flashback-like Malware

April 12, 2012 By Corey Nachreiner

In two posts [ 1 / 2 ] last week, I warned you about an Apple OS X Java update that fixed a vulnerability attackers were leveraging to spread a mac trojan called Flashback. According to reports, this botnet trojan infected over 600,000 Mac users.

Today, Apple released yet another OS X Java update, this time designed to remove Flashback infections and to potentially mitigate future Java attacks.

According to Apple’s advisory, Java for OS X Lion 2012-003 configures the Java web plug-in to disable automatic execution of Java applets. This means if you visit a web page containing malicious (or legitimate) Java code, that code will not run automatically; thereby possibly preventing a drive-by download attack. The update does still allow you to manually re-enable automatic Java applet execution. However, if you do so, the plug-in will re-disable it if it detects you haven’t run Java applets for a long period of time.

This update also tries to detect and remove Flashback infections from your computer. It will inform you if it finds and removes an infection, otherwise it will remain silent when installed.

Though I don’t think the 2012-003 Java update is as critical as the first ones (which actually corrected Java vulnerabilities), it can help mitigate future Java-based attacks. If you’re a Mac user, I recommend you install it as soon as you can, or let Apple’s Software Updater do it for you. One note though…at the time of writing, though Apple had released their advisory and email about this update’s availability, I could not locate the update on their download page. I can only assume they either haven’t finished posting it, or have pulled it temporarily for some reason. In any case, I suspect it will show up on their download page, or in their Software Updater shortly.  — Corey Nachreiner, CISSP (@SecAdept)

Share This:

Related

Filed Under: Security Bytes Tagged With: Apple, code execution, Flashback, Lion, Oracle, snow leopard, Updates and patches, Zero day exploit

Comments

  1. Comodo Antivirus says

    April 22, 2012 at 11:52 pm

    Malwares can easily destroyed using Comodo antivirus

    Reply

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

The 443 Podcast

A weekly podcast featuring the leading white-hat hackers and security researchers. Listen Now
the 443 podcast

Threat Landscape

Filter and view Firebox Feed data by type of attack, region, country, and date range. View Now
threat landscape

Top Posts

  • The White House Tackles AI
  • What to Expect from NIS2

Email Newsletter

Sign up to get the latest security news and threat analysis delivered straight to your inbox

By signing up you agree to our Privacy Policy.


The views and opinions expressed on this website are those of the authors and do not necessarily reflect the policy or position of WatchGuard Technologies.

Stay in Touch

Recent Posts

  • Grading our 2023 Security Predictions
  • What to Expect from NIS2
  • Combined Cyber and Kinetic Warfare
  • The White House Tackles AI
  • The Threat Actor That Hacked MGM
View All

Search

Archives

Copyright © 2023 WatchGuard Technologies · Cookie Policy · Privacy Policy · Terms of Use