Apple has released a third Java update related to the outbreak Flashback, but this time, the patch comes with a detection and removal capability for the prolific trojan.
The update, for Mac OS X 10.7 (Lion) and 10.6 (Snow Leopard), will kill the most common strains of the malware, which is capable of stealing data and hijacking search traffic, among other malicious actions, and contaminated at its peak some 650,000 machines, according to experts.
The fix from Apple also disables the automatic execution of Java applets, which are most commonly used by the average user to play games and view certain images on websites. Individuals who want Java to automatically run can adjust their settings by visiting the software's "Preferences" application. But be warned: If the Java add-on detects that the software hasn't run in 35 days, it will again turn off Java, though this capability is only available for Lion users.
Some security experts said they supported that type of functionality, which is important considering many computer users run unneeded and out-of-date third-party software, which is commonly used to exploit their machines.
Mikko Hypponen, chief research officer of anti-malware provider F-Secure, tweeted on Friday: "I like the idea of Safari disabling the Java plug-in if unused for 35 days. Next, we need to do the same on all browsers. For all plug-ins."
Ian Melven, a senior security engineer at Mozilla, responded in a tweet that he and his team are working on similar features for the Firefox browser.
Meanwhile, on Friday, security firm Symantec said it has discovered a trojan that is taking advantage of the same (now-patched) vulnerability in Java that Flashback used to spread.
Known as "Sabpab," the "very low" risk trojan, when installed on a machine, opens a back door that can enable a remote attacker to create new processes, download files, take screenshots or install additional malware.
This article originally appeared at scmagazineus.com
Copyright © SC Magazine, US edition
Issue: 338 | May 2015
Access CRN's extensive online resources including; email bulletins, community discussions and unique online news.
Processing registration... Please wait.
This process can take up to a minute to complete.
A confirmation email has been sent to your email address - SUPPLIED GOES EMAIL HERE. Please click on the link in the email to verify your email address. You need to verify your email before you can log on to the CRN website or start posting comments on articles.
If you do not receive your confirmation email within the next few minutes, it may be because the email has been captured by a junk mail filter. Please ensure you add the domain '@crn.com.au' to your white-listed senders.