Asia Studios Massage

Alarmed about botnet trojan, Apple releases update for Macs

b4u

Active member
Jul 23, 2010
1,789
10
38
Alarmed about botnet trojan, Apple releases update for Macs

As Apple grows, so will the number of viruses that can affect it systems. Today, it issued a Java update to keep one of these viruses, the Flashback trojan, at bay.

Flashback is a type of malware that is transferred to your computer by masquerading as a safe browser plug-in. When a person goes to an infected website housing the malware, he will be prompted to download a plugin, such as flash, in order to view content. Giving permission allows the malware to execute and download to your computer. Evolved versions of the virus use a hole in Apple’s version of Java to download to your Mac immediately after you open the webpage

Russian antivirus vendor Doctor Web estimates up to 550,000 Macs have been infected thus far, over half of which are located in the United States.


“There has been a significant increase in Mac malware in the last several quarters, so what we’ve seen with the Flashback Trojan isn’t particularly surprising,” said Dave Marcus, director of advanced research and threat intelligence at McAfee Labs, in an e-mail to VentureBeat. “As the popularity of Macs increase, so will attacks on the Mac platform. Users should always take the proper precautions to protect themselves by ensuring that their security software in-up-to-date and all Apple patches are up-to-date.”


Apple latest update to Java patches that hole, and closes the malware’s ability to easily get in. But like most malware, the writers will be able to find a new vulnerability and exploit it. Cnet makes the point that Apple does not use Java’s public versions, but rather has its own version. This hole had been patched by Java in February, where Apple’s version took until now to fix.




How to detect and remove...


Mac Flashback malware: What it is and how to get rid of it (FAQ)



probably nothing to worry about cuz Apple fanboys told me macs can't get virus etc :rolleyes:
 

b4u

Active member
Jul 23, 2010
1,789
10
38
How Apple Is To Blame For The Flashback Malware Outbreak

The Flashback malware is now estimated to have infected almost 2 percent of Mac systems. If that number is accurate than it’s safe to call this outbreak an epidemic, and that means that it’s time to point fingers and lay the blame for this outbreak where it belongs – at Apple‘s door.

Now you might be wondering how a malware outbreak is Apple’s fault. After all, the malware relies on vulnerabilities in Oracle‘s Java platform to take systems over, and not vulnerability in OS X. Also, I think it’s safe to assume that Apple didn’t create the malware either! So surely it’s Oracle that’s to blame for this mess and not Apple?

No. Apple is to blame for this outbreak, and here’s why. While Java is an Oracle product, and Oracle is responsible for pushing updates out to Windows and Linux users that have Java installed on their PCs, things work differently on the Mac platform. Here Apple is in charge of patching Java, not Oracle, and this is where the problems begin. Apple is notorious for being glacially slow when it comes to patching vulnerabilities in the Java platform, taking on average an additional six months to come out with patches. These delay are bad because they give hackers time to examine the Oracle updates, figure out what the patched vulnerability were, and then target this vulnerability on Macs.

And this is exactly what happened with Flashback.

Note: This is why it is vitally important to apply security updates to operating systems in a timely fashion. Hackers are quick to examine the code and find discover what the patch fixes. They are then free to go away and target people who, for whatever reason, have not applied the update.

Oracle issued a patch for the vulnerabilities used by Flashback on February 17, but updates weren’t made available to Mac users until April 2. This means that hackers had six weeks to discover the vulnerability in Java and begin exploiting it with Flashback before Apple rolled out updates to its users. And it’s this delay that has resulted in over 650,000 compromised Mac system and the creation of one of the largest botnets on the planet.

This outbreak was preventable, and if Apple had released Java updates in a timely fashion Flashback wouldn’t have become the problem that it now is for hundreds of thousands of Mac owners who thought Apple had them covered.

Think Apple’s got your back? Think again!
 

WoodPeckr

Protuberant Member
May 29, 2002
46,949
5,755
113
North America
thewoodpecker.net
LOL!
Oh, fear not, Apple will get around to 'fixing' that .....eventually.....:biggrin1:

This is why Linux security is superior in this regards and quickly plugs any holes found as explained in this clip:

 

b4u

Active member
Jul 23, 2010
1,789
10
38
you are out of luck on getting support from Apple if you are still running OSX Tiger and Leopard.

Java updates for Flashback avoid OS X Tiger and Leopard

When OS X Lion was released, Apple stopped supporting prior versions of OS X, so it's not very likely that Apple will release an update to patch Java on these systems. Therefore, if you use an older Mac you'll need to take alternative steps to protect it.
great support from Apple huh? lol
 

larry

Active member
Oct 19, 2002
2,070
4
38
you are out of luck on getting support from Apple if you are still running OSX Tiger and Leopard.

Java updates for Flashback avoid OS X Tiger and Leopard
great support from Apple huh? lol
i don't have a mac and only suggest that people who know nothing buy one so they can get support at the mall, but, really, expecting updates for no-longer-supported os versions seems a little much. those users need to upgrade. same as windows 3.1 users. they have to catch up. the good part of this is apple may start doing more frequent updates.
 

djk

Active member
Apr 8, 2002
5,949
0
36
the hobby needs more capitalism

b4u

Active member
Jul 23, 2010
1,789
10
38
How's the ICS update coming along for the Galaxy S? You know, a year old phone. ;)
And how is that related to desktop computers that this thread is talking about?
even Microsoft still offer support to their 10+ year old Windows XP untill 2014


and in regards to the phone, ICS updates are still rolling out...with no definitive word that Galaxy S won't receive it. The newer phones are getting it first....I should also note that a friend does infact have ICS running on a jailbroken Galaxy S :p
 

oldjones

CanBarelyRe Member
Aug 18, 2001
24,485
12
38
i don't have a mac and only suggest that people who know nothing buy one so they can get support at the mall, but, really, expecting updates for no-longer-supported os versions seems a little much. those users need to upgrade. same as windows 3.1 users. they have to catch up. the good part of this is apple may start doing more frequent updates.
Right, junk the car that runs fine, because it's showing a rust spot and buy a whole new one. With Bluetooth. Never consider just repairing the problem for a few bucks.

By my way of thinking, what people need to do is stop leaping for the newest, half-tested fashion product and just keep on using what works well for them, until something comes along that will do what they want so much better that it's actually worth having. Of course that would make you a rebel against our commercial society's entire way of life itself.

As suggested above, if Apple won't anti-virus you, there are others who will.
 

Powershot

Active member
May 18, 2003
2,059
1
38
Ummm.. you can just buy the new OS for $30, he didn't necessarily mean buy a whole new system.

Right, junk the car that runs fine, because it's showing a rust spot and buy a whole new one. With Bluetooth. Never consider just repairing the problem for a few bucks.

By my way of thinking, what people need to do is stop leaping for the newest, half-tested fashion product and just keep on using what works well for them, until something comes along that will do what they want so much better that it's actually worth having. Of course that would make you a rebel against our commercial society's entire way of life itself.

As suggested above, if Apple won't anti-virus you, there are others who will.
 

rex_baner

Well-known member
Apr 3, 2007
1,139
221
63
I kinda felt bad for the mac users who believed they weren't going to see this happening any time soon. The moment Iphone was jailbroken was the time to realize macs aren't safe-- even though they were never "safe". Anyways, its nothing big to worry about, but sadly I had to get a new credit card because of the ordeal.... Now i cant even purchase my raspberry pi.
 

djk

Active member
Apr 8, 2002
5,949
0
36
the hobby needs more capitalism
And how is that related to desktop computers that this thread is talking about?
even Microsoft still offer support to their 10+ year old Windows XP untill 2014


and in regards to the phone, ICS updates are still rolling out...with no definitive word that Galaxy S won't receive it. The newer phones are getting it first....I should also note that a friend does infact have ICS running on a jailbroken Galaxy S :p
Because your point is how dare Apple not support its product perpetually. Can I look forward to you chewing out Samsung for doing the same thing to their customers in under a year?

Oh and its not jailbroken, it's rooted and unlocked for Android. ;)
 

Powershot

Active member
May 18, 2003
2,059
1
38

b4u

Active member
Jul 23, 2010
1,789
10
38
Because your point is how dare Apple not support its product perpetually. Can I look forward to you chewing out Samsung for doing the same thing to their customers in under a year?

Oh and its not jailbroken, it's rooted and unlocked for Android. ;)
Ok so your intent was obviously to hijack the thread and make useful heads up information presented to mac users to be made aware of the problem and on how to detect,remove and prevent the current and future malware outbreaks...good for you.

mybad you're correct rooted is the proper term for Android :rolleyes:
 

WoodPeckr

Protuberant Member
May 29, 2002
46,949
5,755
113
North America
thewoodpecker.net
What's amazing is how lackadaisical Apple is on security!

M$ is even faster on their feet when it comes to correcting security holes when they are exposed.

Looks like arrogant Apple has other more important priorities to fret over than security....:Eek:
 
Toronto Escorts