Thursday, April 05, 2012

The Mac Java Problem

Shortly after I posted about the Flashback Java malware targeting Mac OS X systems on Monday, Apple pushed out updates to Java for versions 10.6 and 10.7 of the operating system.  While this brings those two versions, Snow Leopard & Lion respectively, up-to-date older versions of OS X (10.5 and earlier) did not receive any updates which leave them extremely vulnerable.

F-Secure has posted some information about how rapidly this malware is spreading.  It has already reached 600,000 infected systems and is climbing, with over half of these infections in the United States.  You should check to see if you are infected.  Details are located here on how to do this.

As I posted on Monday, F-secure also found a Flashback variant that was exploiting a vulnerability that had not been patched yet, the newest update from Apple will most likely prevent users from getting infected.  But Apple is notorious for not pushing out Java updates as quickly as Oracle releases them.  This means that it's just a matter of time before users are not protected against attacks.

What will protect users from getting infected?  I recommend the following course of action:

1) - Evaluate what programs, websites, web apps you are using and determine if any require Java. You are most likely going to come up with very few if any require Java.  This will lead you to step two.

2) - If none of your websites or web apps utilize Java, then disable it immediately inside your browser of choice. Maclife has a great article that has all the steps on doing this in Safari, Firefox and Chrome.  Actually I recommend doing this EVEN IF you have websites that need Java.  You can always turn it back on temporarily, exit your browser and open it back up to use the website or web app.  It is IMPERATIVE that you disable Java again immediately after you are finished your task.

3) - If you do not have anything that uses Java, then I recommend UNINSTALLING IT COMPLETELY! CNET's MacFixit Blog has information on how to perform the uninstall. And I highly suggest ALL Mac OS X users uninstall Java from their computers.

4) - Do you have any security software installed?  Most likely you do not.  There has been a sense for a long time that Macs are not vulnerable to malware. Over the past few years this has changed, but this year is when we must draw the line and begin protecting all Macs.   As I mentioned previously, F-Secure has a great product that will protect you from muti-vector infections.  There is also an offering from Intego that is very reputable.  And Sophos has a free product for home use that can provide protection.

5) -  Please be aware, that there is a good chance that every time Apple releases a new update, you may have to disable/uninstall Java again.

At this point, you should be protected, but we all have to be ever vigilant as the Mac OS X install base is target.

No comments: