Apple has released a third Java update related to the outbreak Flashback, but this time, the patch comes with a detection and removal capability for the prolific trojan.
The update, for Mac OS X 10.7 (Lion) and 10.6 (Snow Leopard), will kill the most common strains of the malware, which is capable of stealing data and hijacking search traffic, among other malicious actions, and contaminated at its peak some 650,000 machines, according to experts.
The fix from Apple also disables the automatic execution of Java applets, which are most commonly used by the average user to play games and view certain images on websites. Individuals who want Java to automatically run can adjust their settings by visiting the software's "Preferences" application. But be warned: If the Java add-on detects that the software hasn't run in 35 days, it will again turn off Java, though this capability is only available for Lion users.
Some security experts said they supported that type of functionality, which is important considering many computer users run unneeded and out-of-date third-party software, which is commonly used to exploit their machines.
Mikko Hypponen, chief research officer of anti-malware provider F-Secure, tweeted on Friday: "I like the idea of Safari disabling the Java plug-in if unused for 35 days. Next, we need to do the same on all browsers. For all plug-ins."
Ian Melven, a senior security engineer at Mozilla, responded in a tweet that he and his team are working on similar features for the Firefox browser.
Meanwhile, on Friday, security firm Symantec said it has discovered a trojan that is taking advantage of the same (now-patched) vulnerability in Java that Flashback used to spread.
Known as "Sabpab," the "very low" risk trojan, when installed on a machine, opens a back door that can enable a remote attacker to create new processes, download files, take screenshots or install additional malware.
This article originally appeared at scmagazineus.com
Copyright © SC Magazine, US edition
Issue: 345 | December 2015