Apple has today pushed out an update for OS X which it hopes will close hole that allowed the Flashback Trojan to infect over half a million Macs.
The update, named simply Java for OS X 2012-003, comes after over 600,000 Macs were infected by the Flashback Trojan at its peak, leaving third party developers to put together various apps for diagnosing and then cleaning infected systems.
With Mac owners almost never being the victims of such attacks – Windows-powered PCs have traditionally been the target of such nastiness – questions are now being asked as to whether this may signal the beginning in a shift of focus for the bad guys.
Apple’s fix is now available as a standard update via the Software Update procedure we all know and love. As well as plugging the hole exploited by Flashback, the fix also disables the automatic execution of java applets. If a user then decides to reactivate it, the system will automatically disable it once again after a set period of time when applets have not been run.
The complete changelog of the update reads as follows, offering nothing more than security fixes:
This Java security update removes the most common variants of the Flashback malware.
This update also configures the Java web plug-in to disable the automatic execution of Java applets. Users may re-enable automatic execution of Java applets using the Java Preferences application. If the Java web plug-in detects that no applets have been run for an extended period of time it will again disable Java applets.
Apple was reported to be working on both a fix and its own cleaning tool last week, and with the fix now being implemented on Macs all over the world, we now await an Apple-branded cleaning tool. Until then, companies like F-Secure and Kaspersky have already offered such tools, and anyone infected would do well to give those a shot sooner rather than later.
Apple will be hoping, as will all Mac owners, that this does not signal the beginning of a new wave of Mac-targeted Trojans and viruses. Until now Apple’s machines have operated under a security method based on security via obscurity. With few people using Macs compared to those with Windows, writers of malicious apps have targeted Microsoft’s platform because it offered the largest target. Now that the Mac is growing in share and selling in record numbers, that method of protection may no-longer be as valid as it once was.
Its highly recommended, and we can’t emphasize more on the fact that you should indeed update your Mac by installing this update. it’s a big safety precaution, and will keep your Mac from being compromised and your data getting into the wrong hands.