Third Apple Java update rids infections and turns off Java

Share this article:

Apple has released a third Java update related to the outbreak Flashback, but this time, the patch comes with a detection and removal capability for the prolific trojan.

The update, for Mac OS X 10.7 (Lion) and 10.6 (Snow Leopard), will kill the most common strains of the malware, which is capable of stealing data and hijacking search traffic, among other malicious actions, and contaminated at its peak some 650,000 machines, according to experts.

The fix from Apple also disables the automatic execution of Java applets, which are most commonly used by the average user to play games and view certain images on websites. Individuals who want Java to automatically run can adjust their settings by visiting the software's "Preferences" application. But be warned: If the Java add-on detects that the software hasn't run in 35 days, it will again turn off Java, though this capability is only available for Lion users.

Some security experts said they supported that type of functionality, which is important considering many computer users run unneeded and out-of-date third-party software, which is commonly used to exploit their machines.

Mikko Hypponen, chief research officer of anti-malware provider F-Secure, tweeted on  Friday: "I like the idea of Safari disabling the Java plug-in if unused for 35 days. Next, we need to do the same on all browsers. For all plug-ins."

Ian Melven, a senior security engineer at Mozilla, responded in a tweet that he and his team are working on similar features for the Firefox browser.

Meanwhile, on Friday, security firm Symantec said it has discovered a trojan that is taking advantage of the same (now-patched) vulnerability in Java that Flashback used to spread.

Known as "Sabpab," the "very low" risk trojan, when installed on a machine, opens a back door that can enable a remote attacker to create new processes, download files, take screenshots or install additional malware.


Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

More in News

CryptoWall surpasses CryptoLocker in infection rates

CryptoWall surpasses CryptoLocker in infection rates

A threat analysis from Dell SecureWorks CTU says that CryptoWall has picked up where its famous sibling left off.

Professor says Google search, not hacking, yielded medical info

Professor says Google search, not hacking, yielded medical ...

A professor of ethical hacking at City College San Francisco came forward to clarify that he did not demonstrate hacking a medical center's server in a class.

Syrian Malware Team makes use of enhanced BlackWorm RAT

Syrian Malware Team makes use of enhanced BlackWorm ...

FireEye analyzed the hacking group's use of the malware, dubbed the "Dark Edition" of BlackWorm.