Mac OS forum

General discussion

FYI: Fix for Zero-Day Mac Java Flaw

by Carol~ Moderator / April 4, 2012 7:11 AM PDT

Apple on Monday released a critical update to its version of Java for Mac OS X that plugs at least a dozen security holes in the program. More importantly, the patch mends a flaw that attackers have recently pounced on to broadly deploy malicious software, both on Windows and Mac systems.

The update, Java for OS X Lion 2012-001 and Java for Mac OS X 10.6 Update 7, sews up an extremely serious security vulnerability (CVE-2012-0507) that miscreants recently rolled into automated exploit kits designed to deploy malware to Windows users. But in the past few days, information has surfaced to suggest that the same flaw has been used with great success by the Flashback Trojan to infect large numbers of Mac computers with malware.

The revelations come from Russian security firm Dr.Web, which reports that the Flashback Trojan has successfully infected more than 550,000 Macs, most which it said were U.S. based systems (hat tip to Adrian Sanabria). Dr.Web's post is available in its Google translated version here.

Continued :

From The Mac Security Blog: Apple Releases Java Update; Includes Fix for Vulnerability Exploited by Flashback Malware

Discussion is locked
You are posting a reply to: FYI: Fix for Zero-Day Mac Java Flaw
The posting of advertisements, profanity, or personal attacks is prohibited. Please refer to our CNET Forums policies for details. All submitted content is subject to our Terms of Use.
Track this discussion and email me when there are updates

If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and any other specifics related to the problem. Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended.

You are reporting the following post: FYI: Fix for Zero-Day Mac Java Flaw
This post has been flagged and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.
Sorry, there was a problem flagging this post. Please try again now or at a later time.
If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.
Collapse -
Note that this only installs if you give it permission
by mrmacfixit Forum moderator / April 4, 2012 9:14 AM PDT

To quote another Mac website,

Think before you Click!

and be aware of what the Software Update dialog box looks like.

Thanks Carol


Collapse -
Fix for Zero-Day Java Flaw
by mrmacfixit Forum moderator / April 5, 2012 6:20 AM PDT
Collapse -
Another way is to launch Terminal
by mrmacfixit Forum moderator / April 5, 2012 6:37 AM PDT

and copy and paste the following commands, one at a time, and hit Return:

defaults read /Applications/ LSEnvironment

defaults read ~/.MacOSX/environment DYLD_INSERT_LIBRARIES

If you get "The domain/default pair ... does not exist" for both - you are clean


Collapse -
Apple Developing Tool to Detect and Remove Flashback Malware
by Carol~ Moderator / April 11, 2012 6:42 AM PDT

From Apple Support: About Flashback malware

Last Modified: April 10, 2012

Article: HT5244

Products Affected: Java, Mac OS X 10.6, OS X Lion

Summary: A recent version of malicious software called Flashback exploits a security flaw in Java in order to install itself on Macs.

Apple released a Java update on April 3, 2012 that fixes the Java security flaw for systems running OS X v10.7 and Mac OS X v10.6. By default, your Mac automatically checks for software updates every week, but you can change that setting in Software Update preferences. You can also run Software Update at any time to manually check for the latest updates.

Apple is developing software that will detect and remove the Flashback malware.

In addition to the Java vulnerability, the Flashback malware relies on computer servers hosted by the malware authors to perform many of its critical functions. Apple is working with ISPs worldwide to disable this command and control network.

Additional Information
For Macs running Mac OS X v10.5 or earlier, you can better protect yourself from this malware by disabling Java in your web browser(s) preferences.

Various News Articles (amongst many):
Apple promises Flashback malware killer
Apple announces Flashback removal tool
Apple developing tool to detect and remove Flashback Trojan

Collapse -
Apple Releases Java Update with Flashback Removal Tool
by Carol~ Moderator / April 12, 2012 9:22 PM PDT
Last Modified: April 12, 2012

Article: HT5242

Products Affected: Java, Product Security, OS X Lion, Mac OS X v10.6

Summary: This Java security update removes the most common variants of the Flashback malware.

This Java security update removes the most common variants of the Flashback malware.

This update also configures the Java web plug-in to disable the automatic execution of Java applets. Users may re-enable automatic execution of Java applets using the Java Preferences application. If the Java web plug-in detects that no applets have been run for an extended period of time it will again disable Java applets.

Java for OS X Lion 2012-003 delivers Java SE 6 version 1.6.0_31 and supersedes all previous versions of Java for OS X Lion.

This update is recommended for all Mac users with Java installed.

From Heise Security:

Additionally, the new Java update for Mac OS X 10.7 Lion prevents Java applets from being automatically executed by disabling the Java web plugin by default. Users can re-enable the automatic execution of Java applets via the Java Preferences application. However, if the plugin detects that Java applets have not been run for "an extended period of time", it will automatically disable applet support again.

The company has also released another Java update (Java for Mac OS X 10.6 Update 8) for systems running Mac OS X 10.6 Snow Leopard which removes the Flashback trojan. However, unlike the update for 10.7 Lion, it does not disable Java applets by default. Apple recommends that users who do not use Java applets should manually disable the Java web plugin in their browser; instructions for disabling the Java plugin in Safari are provided.

Java for OS X Lion 2012-003 and Java for Mac OS X 10.6 Update 8 are available to download from Apple's Support Downloads site. Alternatively, users who previously installed Java on their systems can upgrade using the built-in Software Update function. All users are advised to install the updates.
Popular Forums
Computer Newbies 10,686 discussions
Computer Help 54,365 discussions
Laptops 21,181 discussions
Networking & Wireless 16,313 discussions
Phones 17,137 discussions
Security 31,287 discussions
TVs & Home Theaters 22,101 discussions
Windows 7 8,164 discussions
Windows 10 2,657 discussions

Does BMW or Volvo do it best?

Pint-size luxury and funky style

Shopping for a new car this weekend? See how the BMW X2 stacks up against the Volvo XC40 in our side-by-side comparison.