Mac Java Trojan: over 600.000 Macs affected – how to secure your Mac [Update]
Update: F-Secure offers a FlashbackRemoval Tool, the Flashback Checker app tells you if your machine is infected.
The Flashback Trojan for Apple's Mac OSX already infected over 600.000 Machines, according to @hexminer on twitter. There is an existing Java Security Update from Apple, all users should update immediately.
Apple is too slow in releasing security fixes - the last known security holes in Mac OSX Java took Apple over 6 months to fix.
F-Secure shows how to secure your Mac by disabling Java. Lion does not come with Java by default, although most of the times it is installed afterwards (running Java applets or Java applications, the Systems asks to install the Java package).
The Flashback Trojan hides as Adobe Flash Player, so the most secure thing to do is to remove Java and Flash from your system. Adobe Flash still does not completely work with Mac OSX Lion, bugs that were reported by Nanofunk over 6 months ago are still open.
Gizmodo posted a simple way how to test if you are infected:
Run the following command in Terminal:
defaults read /Applications/Safari.app/Contents/Info LSEnvironment
Take note of the value, DYLD_INSERT_LIBRARIES
The expected output should be:
"The domain/default pair of (/Applications/Safari.app/Contents/Info, LSEnvironment) does not exist"
Then, run this command:
defaults read ~/.MacOSX/environment DYLD_INSERT_LIBRARIES
"The domain/default pair of (/Users/joe/.MacOSX/environment, DYLD_INSERT_LIBRARIES) does not exist"
"does not exist" means you've got a healthy rig. If there is any other message, keep following F-Secure's instructions to vanquish the intruder.
Apple Releases OS X 10.7.1 with Fixes for Video in Safari, Audio Out, Wi-Fi and More
Apple released Mac OSX Lion 10.7.1 updates today, with the following release notes:
The 10.7.1 update is recommended for all users running OS X Lion and includes general operating system fixes that enhance the stability and compatibility of your Mac, including fixes that:
- Address an issue that may cause the system to become unresponsive when playing a video in Safari
- Resolve an issue that may cause system audio to stop working when using HDMI or optical audio out
- Improve the reliability of Wi-Fi connections
- Resolve an issue that prevents transfer of your data, settings, and compatible applications to a new Mac running OS X Lion
For detailed information on this update, please visit this website: http://support.apple.com/kb/HT4764.
There is not much fixed, at least not for the reported issues such as SSD TRIM support for non-apple SSDs and the well known flash issues.
Still, Seems more stable. There is a seperate update for 10.7.1 Server and another update specific to the latest MacBook Air and Mac mini models, adding a few additional fixes. (via macrumors)
Pages
- About
- DSLR Video: Panasonic GH2 and GH3 hacked
- Guide to BlackMagic Design Cinema Camera
- Hackintosh Mini Guide: which Hardware, how to hack? 10.7, 10.8
- Support this Page
@nanofunk on twitter
Categories
Recommended Gear
-
Black Magic Design Cinema Camera with Canon EF of MFT Mount. RAW Video, 13 Stops, available.
-
Panasonic GH2 hacked: the perfect entry level video camera system (easy hacking) for indies. MFT Mount.
Archive
- May 2013
- April 2013
- March 2013
- January 2013
- October 2012
- September 2012
- July 2012
- June 2012
- May 2012
- April 2012
- March 2012
- February 2012
- January 2012
- December 2011
- November 2011
- October 2011
- September 2011
- August 2011
- July 2011
- April 2011
- March 2011
- February 2011
- July 2010
- June 2010
- December 2009
- November 2009
- October 2009
- September 2009
- July 2009
- March 2009