Another OS X Java Update to Mitigate Flashback-like Malware

In two posts [ 1 / 2 ] last week, I warned you about an Apple OS X Java update that fixed a vulnerability attackers were leveraging to spread a mac trojan called Flashback. According to reports, this botnet trojan infected over 600,000 Mac users.

Today, Apple released yet another OS X Java update, this time designed to remove Flashback infections and to potentially mitigate future Java attacks.

According to Apple’s advisory, Java for OS X Lion 2012-003 configures the Java web plug-in to disable automatic execution of Java applets. This means if you visit a web page containing malicious (or legitimate) Java code, that code will not run automatically; thereby possibly preventing a drive-by download attack. The update does still allow you to manually re-enable automatic Java applet execution. However, if you do so, the plug-in will re-disable it if it detects you haven’t run Java applets for a long period of time.

This update also tries to detect and remove Flashback infections from your computer. It will inform you if it finds and removes an infection, otherwise it will remain silent when installed.

Though I don’t think the 2012-003 Java update is as critical as the first ones (which actually corrected Java vulnerabilities), it can help mitigate future Java-based attacks. If you’re a Mac user, I recommend you install it as soon as you can, or let Apple’s Software Updater do it for you. One note though…at the time of writing, though Apple had released their advisory and email about this update’s availability, I could not locate the update on their download page. I can only assume they either haven’t finished posting it, or have pulled it temporarily for some reason. In any case, I suspect it will show up on their download page, or in their Software Updater shortly.  — Corey Nachreiner, CISSP (@SecAdept)

About Corey Nachreiner

Corey Nachreiner has been with WatchGuard since 1999 and has since written more than a thousand concise security alerts and easily-understood educational articles for WatchGuard users. His security training videos have generated hundreds of letters of praise from thankful customers and accumulated more than 100,000 views on YouTube and Google Video. A Certified Information Systems Security Professional (CISSP), Corey speaks internationally and is often quoted by other online sources, including C|NET, eWeek, and Slashdot. Corey enjoys "modding" any technical gizmo he can get his hands on, and considers himself a hacker in the old sense of the word.

3 Responses to “Another OS X Java Update to Mitigate Flashback-like Malware”

  1. Malwares can easily destroyed using Comodo antivirus


  1. WatchGuard Security Week in Review: Episode 13 | WatchGuard Security Center - April 13, 2012

    […] Another Apple OS X Java update – WatchGuard Security Center […]

  2. WatchGuard Security Week in Review: Episode 13 « microreksa - April 15, 2012

    […] Another Apple OS X Java update – WatchGuard Security Center […]

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: