Do-Over: Apple Takes Second Stab at Blocking Mac Trojan

  • Share
  • Read Later

Did you tell your Mac to “check for new software” in view of the worrisome Trojan botnet virus that clambered across the Internet and onto over half a million Macs recently? Download Apple’s Java update to “improve compatibility, security, and reliability”? Well, you’ll want to run “Software Update” again, because Apple just issued a second Java update, ostensibly designed to really-really put the screws to the much-discussed Flashback-related malware exploit that first surfaced in February.

I’m looking at the download pop-up for it on my Mac as I type this (that’s it above), and as security firm Intego points out, the Apple support document for the update appears to be simply the original Java update’s page (it still lists the original patch’s issuance date of April 3, for instance). In fact the online text is mismatched: The support page lists the update as “Java for OS X Lion 2012-001” (though correctly identifying the version of Java SE 6 as 1.6.0_31 in the second update), where Software Update lists it as “Java for OS X Lion 2012-002.”

(MORE: Like the Titanic, Macs Aren’t Unsinkable: 600,000 Claimed Infected with Botnet Virus)

Another notable difference: Intego says the new update is just for Lion users, where the original was for both Lion and Snow Leopard users. In any case, Intego says “it is essential that all Mac users apply this update” because “[the] Flashback malware has been very active in the wild, and can install with no user interaction, if Java is not patched.” Of course it’s also probably time to install anti-virus software, if you’re not running something already. I use Sophos’ free Mac anti-virus tool, though there are others, including one from PC Tools called iAntiVirus.

Earlier this week, Russia-based antivirus vendor Dr.Web reported that upwards of 600,000 Macs globally were infected with a Flashback malware-related Trojan capable of propagating to Macs by redirecting browsers to infected websites that use a Java exploit to download an executable file to a user’s hard drive. Security site F-Secure quickly followed with instructions on how to remove the exploit if your computer’s been compromised.

With two rapid-fire security updates from Apple in less than a week, you might say “it’s beginning to look a lot like Windows…”

MORE: Okay, Maybe This Mac Security Problem Is Real