Update: The company launches another Java update designed to

The place for what's new and going on in the tech, innovation, and science world.

Update: The company launches another Java update designed to

Postby Egaladeist » Fri Apr 06, 2012 2:13 pm

The company launches another Java update designed to patch a hole in the Mac OS exploited by the widespread Flashback trojan.


Apple still appears to be fighting the Flashback malware that was recently found to have infected more than a half-million Mac computers.

A second Java update has been released for Mac users, according to Mac security blog Intego.

No details are available as to why this latest update was released. Intego speculates that perhaps there was a small glitch in the first update. This latest update also seems geared just for the Lion version of Mac OS X, while the initial patch was designed for both Snow Leopard and Lion


http://news.cnet.com/8301-13579_3-57410 ... &tag=title
User avatar
Egaladeist
I am the Eg man : Coo Coo Ca Choo
 
Posts: 18852
Joined: Sun Dec 25, 2005 1:02 am
Location: Canada

Re: Update: The company launches another Java update designe

Postby rapier57 » Sat Apr 07, 2012 7:14 am

Can confirm there is another Java update in the Apple Software Update channel. I'm thinking removal of Java altogether is the best solution.

:evil:
Rapier57.

Jayne: Testing. Testing. Captain, can you hear me?
Mal: I'm standing right here.
Jayne: You're coming through good and loud.
Mal: 'Cause I'm standing right here.


@rapier57
User avatar
rapier57
I've posted HOW many
 
Posts: 3113
Joined: Thu Mar 02, 2006 10:43 pm
Location: Spokane, WA USA

Re: Update: The company launches another Java update designe

Postby DaFoxx » Sat Apr 07, 2012 10:10 am

WHAT !!!! no :breakfast:

looking more and more like Cupertino were believing their own users hype of no malware on an Apple :(

read report on this outbreak, and they say 20+ Apples were calling in from Cupertino itself :shock:
just goes to show, you cannot be too careful

just spent a couple of hours clearing a neighbours PC of the latest version of scareware / ransomware
it put itself into startup file
and hi-jacked IE homepage
tried to direct to their homepage
McAfee popped up a warning, but you couldn't do feck all, as screen res was shot, no toolbar / buttons available
but had fun cleaning it
and that was just on a Windows box

I can barely navigate on Apple kit, and I don't suppose there are THAT many who can
outside of Apple's own genius team :P
Beware of Geeks bearing GIF's :mrgreen:
User avatar
DaFoxx
DaBOSS
 
Posts: 8479
Joined: Sun Dec 25, 2005 1:20 am
Location: 3rd Rock from the Sun

Re: Update: The company launches another Java update designe

Postby rapier57 » Sat Apr 07, 2012 4:40 pm

Mac's aren't that tough, I've found. Cleaning out a thing like this Flashback is pretty simple.

http://www.f-secure.com/v-descs/trojan- ... ck_c.shtml

Of course, if you already had Sophos installed on your Mac, this could not have touched you.

It is free for home users:

http://www.sophos.com/en-us/products/fr ... ition.aspx

Getting users to listen to reliable sources, use correct tools, and update regularly is the key. Same problem with Windows systems.
Rapier57.

Jayne: Testing. Testing. Captain, can you hear me?
Mal: I'm standing right here.
Jayne: You're coming through good and loud.
Mal: 'Cause I'm standing right here.


@rapier57
User avatar
rapier57
I've posted HOW many
 
Posts: 3113
Joined: Thu Mar 02, 2006 10:43 pm
Location: Spokane, WA USA

Re: Update: The company launches another Java update designe

Postby DaFoxx » Mon Apr 09, 2012 10:21 pm

rapier57 wrote:Getting users to listen to reliable sources, use correct tools, and update regularly is the key. Same problem with Windows systems.


Tru Dat .............
Foxx getting down with the kidz :hysterical:
Beware of Geeks bearing GIF's :mrgreen:
User avatar
DaFoxx
DaBOSS
 
Posts: 8479
Joined: Sun Dec 25, 2005 1:20 am
Location: 3rd Rock from the Sun

now that Mac OS trojan is going after Word

Postby DaFoxx » Tue Apr 17, 2012 12:42 pm

http://www.zdnet.com/blog/security/new- ... ature-roto

Summary: A second variant of the Mac OS X Trojan referred to as Backdoor.OSX.SabPub.a or SX/Sabpab-A is exploiting a Microsoft Word security hole, not the usual Java vulnerabilities used before.

Just a few days ago, a new Mac OS X Trojan was spotted in the wild that exploited Java vulnerabilities and required no user interaction to infect your Apple Mac, just like the Flashback Trojan. Kaspersky referred to it as “Backdoor.OSX.SabPub.a” while Sophos called it at “SX/Sabpab-A.” Now, both security firms have confirmed a different variant of this new Trojan that infects Macs by exploiting Microsoft Word, not Java.

Sophos detects the malicious Word documents as Troj/DocOSXDr-A and points to the following Microsoft Security Bulletin: MS09-027. Kaspersky meanwhile points to this security bulletin for the same Microsoft Word security hole: CVE-2009-0563.

The new version of the Trojan uses malformed Word documents to open a backdoor for remote hackers to steal information or install further code. Just like many recent variants of Mac-specific Trojans, OS X users may be caught off guard as there is no prompt to enter your username or password when the malicious software installs itself onto your Mac.

On the other hand, while the first discovered version of this Trojan requires no user interaction, this second one does. Instead of just browsing the Web and getting infected, Mac users have to actually download and open the Word document for this second version to work.
Beware of Geeks bearing GIF's :mrgreen:
User avatar
DaFoxx
DaBOSS
 
Posts: 8479
Joined: Sun Dec 25, 2005 1:20 am
Location: 3rd Rock from the Sun


Return to Tech News Zone

Who is online

Users browsing this forum: No registered users and 5 guests

cron