TidBITS: How to Detect and Protect Against Updated Flashback Malware

/Home/Internet Security: Articles/Internet Security: TidBITS/TidBITS: 2012

05 Apr 2012
by Adam C. Engst

Apple has released updates to its Java libraries for users of Mac OS X 10.7 Lion and 10.6 Snow Leopard (see "Java for OS X Lion 2012-001 and Java for Mac OS X 10.6 Update 7," 3 April 2012).

The updates bring the Java runtime engine up to version 1.6.0_31 and fix multiple vulnerabilities in Java version 1.6.0_29, “the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox.” What those release notes aren’t saying is that the vulnerabilities in question were being exploited in the wild by a new variant of the Flashback malware (see “Beware the Morphing Flashback Malware,” 27 February 2012).

Click the URL above to read the full article