In the ongoing battle against the Flashback malware, Apple released a third set of updates to Java last week. This new release includes a tool that will detect and remove the Flashback malware from infected Mac OS X 10.6 and 10.7 systems. But Apple has decided that it may even be able to protect it's users from Java malware with a more proactive approach. The new Java update will monitor itself and determine if it has been used during the past 35 days. If Java has not been used, it will automatically disable the Java settings and Users can re-enable the automatic execution of Java applets via the Java Preferences application (Applications ➤ Utilities ➤ Java Preferences). This means that any malware attack targeting Java would not be able to automatically infect users (aka drive-by infections) that rarely use Java. CNET has a great article on how this works in the real world.
Now Apple did release a stand alone detection and removal tool for OS X 10.7 Lion systems that may not have had Java installed. I'm fairly certain those systems would not have been effected, but I am happy Apple released this. You can download the standalone tool here.
While I applaud Apple for this new security minded approach, it still does not protect users of older Mac OS X versions (10.5 and below). Even users of OS X 10.6 Snow Leopard will not benefit from the automatic disable feature as it only works in 10.7 Lion. I still recommend disabling & removing Java if possible in for OS X 10.6 or below to prevent any further infections.
For Mac OS X users of any version (getting Apple updates or not), I highly recommend that you download and run one of the stand alone detection and removal tools made available from the security vendors:
F-secure Flashback Removal Tool
Kasperky (Updated Monday as the original had a flaw) - Flashfake/Flashback Removal Tool
Symantec - Norton Flashback Removal Tool
And all of these vendors have Mac Antivirus/Security software that should be evaluated and installed by businesses and individuals alike. The days of the Mac's security by obscurity has come to an end, and there are some major lessons for IT to be learned by the entire Flashback affair.
No comments:
Post a Comment