Posted on 04-11-2012 08:08 AM
Apple is working on a tool...hot off the press:
http://support.apple.com/kb/HT5244
Don
Posted on 04-11-2012 08:29 AM
Better late than never I guess. Should have just patched Java to begin with :(
Posted on 04-11-2012 08:40 AM
Agreed. I do hope this serves as a lesson for Apple that they need to get faster with releasing updates, even if they are 3rd party products used on the platform.
I don't entirely believe the numbers but there are reports of a botnet of Flashback infected Macs that is over a half million strong. (!) Even if the numbers are much lower, this does nothing but give fodder for the Mac-haters out there to claim that Macs are "just as vulnerable as PCs'" or something. It doesn't matter if its not true, the truth never stopped that crowd from making ridiculous claims in the past.
Posted on 04-11-2012 08:44 AM
The dumber the user, the more vulnerable any computer is. So technically the Mac is every bit as vulnerable to this type of attack as the Windows computers. We just need to protect the really dumb users by preventing them from being able to install these types of things, but out of the box every user on a Mac is an Admin, so really Apple is no better than Windows in that respect.
Posted on 04-11-2012 08:50 AM
Apple serves us Java they better serve us a version that isn't spoiled and sitting on the counter for 3 months.
Posted on 04-11-2012 09:26 AM
@nessts, while I agree its part of our job to protect against stupidity, when Apple takes months to release an update from a vendor with such a nasty exploit in it, it makes our jobs of protecting the dumb people that much harder, unnecessarily. Its one thing for someone to foolishly fall for a human engineering exploit that asks for your admin password. Its quite another when you can get infected just by visiting a website.
I just think they were really too slow in addressing this and are faster next time.
Posted on 04-11-2012 09:30 AM
Also I wouldn't call anyone dumb just not as knowledgeable. Not everyone strives to learn or know how a computer works thats what we get paid for.
Posted on 04-11-2012 09:33 AM
Does anyone know if ClamXav checks for and removes this malware? I've read that it won't install if ClamXav is present, but, I'd like to know if it also disinfects if it is somehow present on the computer.
~Ted
Posted on 04-11-2012 12:12 PM
@taugust04
Yes:
http://lurker.clamav.net/message/20120409.123601.0b3afe7b.en.html
To join:
http://lists.clamav.net/mailman/listinfo/clamav-users
Posted on 04-11-2012 02:11 PM
@donmontalvo
Awesome - thank you sir, for the link. The decision to include ClamXav on all my installs, along with a launchd job to update definitions regularly, turned out to be a wise one.
Posted on 04-11-2012 03:10 PM
Just got a response from Symantec enterprise support on whether their NAV/SEP definitions protect against OSX.Flashback...
The new variant of OSX.Flashback is known as OSX.Flashback.K. Any virus definitions prior to April 9, 2012 will identify the new variant as simply OSX.Flashback. The current virus definitions will detect and remove this threat upon detection on a scan with the SEP client or with Auto-Protect.