![]() In its advisory, Apple said it “is working with ISPs worldwide to disable the command and control network” that criminals were using to direct the activities of the Flashback botnet. Users may re-enable automatic execution of Java applets using the Java Preferences application.” If the Java web plug-in detects that no applets have been run for at least 35 days, it will again disable Java applets. It includes no new security fixes, but it adopts a novel approach to the debate over whether to temporarily disable or remove Java: “It configures the Java web plug-in to disable the automatic execution of Java applets. ET: Apple just released a new version of Java that includes a Flashback remover. Java for OS X Lion 2012-003 delivers Java SE 6 version 1.6.0_31 and supersedes all previous versions of Java for OS X Lion. Flashback attacks a well-known Java flaw, but it’s worth noting that Apple released the Java patch only after Flashback had begun infecting hundreds of thousands of Macs. The company’s advisory on this threat is predictably sparse, and focuses instead on urging users to apply a recent update for Java. Inexplicably, it has not yet released this tool, nor has it added detection for it to the XProtect antivirus tool built into OS X. Where is Apple’s response in all of this, you ask? Apple says it is developing software that will detect and remove Flashback. The service requires users to enter their Mac’s hardware unique user ID (HW-UUID), because this is how the miscreants who were running the botnet kept track of their infections.į-Secure Corp., the Finnish security firm that worked with Dr.Web to more accurately gauge the true number of Flashback-infected Macs, has a Flashback Removal Tool available for download from its Web site. Dr.Web, the Russian antivirus vendor that first sounded the alarm about the outbreak, has published a free online service that lets users tell whether their systems have been seen phoning home to Flashback’s control servers (those servers have since been hijacked by researchers). Since the discovery last week of the Flashback Mac botnet, several security firms have released tools to help detect and clean up Flashback infections. Screen shot of Flashback detection tool from Dr.Web
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |