JAVA FOR MAC APPLE PATCH
In 2009, I examined Apple’s patch delays on Java and found that the company patched Java flaws on average about six months after official releases were made available by then-Java maintainer Sun. If you need further convincing of my reasons for this recommendation, I’d encourage you to browse through some of my past Java-related posts.Īpple maintains its own version of Java, and as with this release, it has typically fallen unacceptably far behind Oracle in patching critical flaws in this heavily-targeted and cross-platform application. I can’t stress this point strongly enough: If you don’t need Java, remove it from your system, whether you are a Mac or Windows user. In Mozilla Firefox for Mac, click Tools, Add-ons, and disable the Java plugin(s).
Scroll down to the Plug-ins section, and click the link that says “Disable individual plug-ins.” If you have Java installed, you should see a “disable” link underneath its listing.
In Google Chrome, open Preferences, and then type “Java” in the search box. In Safari, this can be done by clicking Preferences, and then the Security tab (uncheck “Enable Java”). If you need Java on your Mac only for a specific application (such as OpenOffice), you can unplug it from the browser by disabling its plugin. F-Secure has additional useful information on this Trojan attack here.Īs Ars notes, although Apple stopped bundling Java by default in OS X 10.7 (Lion), it offers instructions for downloading and installing the Oracle-developed software framework when users access webpages that use it. Early versions of it prompted Mac users to enter their password before it would run, but the most recent strains will happily infect vulnerable Mac systems without requiring a password, writes Ars Technica, among others. Dr.Web’s post is available in its Google translated version here.įlashback is an increasingly sophisticated malware strain that sniffs network traffic in search of user names and passwords. based systems (hat tip to Adrian Sanabria). The revelations come from Russian security firm Dr.Web, which reports that the Flashback Trojan has successfully infected more than 550,000 Macs, most which it said were U.S. But in the past few days, information has surfaced to suggest that the same flaw has been used with great success by the Flashback Trojan to infect large numbers of Mac computers with malware.
JAVA FOR MAC APPLE FOR MAC OS X
The update, Java for OS X Lion 2012-001 and Java for Mac OS X 10.6 Update 7, sews up an extremely serious security vulnerability ( CVE-2012-0507) that miscreants recently rolled into automated exploit kits designed to deploy malware to Windows users. Distribution of 550,000 Flashback-infected Macs.
0 kommentar(er)
