Feeds

back to article Apple plugs Java hole after Flashback Trojan intrusion

Apple released a security update for OS X Java on Tuesday, plugging a security vulnerability exploited by the latest Flashback Trojan. The latest variant of the Mac-specific malware appeared on Monday and targeted a vulnerability in Java (CVE-2012-0507) which was patched on Windows machines more than six weeks ago. Apple's new …

COMMENTS

This topic is closed for new posts.
JDX
Gold badge

Not just banking

Tons of browser-based games use Java too.

1
1
Anonymous Coward

Wait, where are the mouth foaming fanbois?

3
2

Other Foam (no, not fanbois, or even Santorum - too messy)

Too bad the fix is only for 10.6.8 & up. Can’t be applied to my incredibly old 10.6.5 (released 1 yr., 4 mos. ago . . .)

I’m sure the reason for this is that it’s far to expensive for Apple to extend the fix to cover at least 2 years of OS, not that Apple is trying to corral users into their walled garden (10.6.6 & up infects Macs with the “app store.”)

Apple only has the best in mind for their customers. Don’t they?

All your phone/pad/app/os/book/music/movie are belong to us.

7
6
Anonymous Coward

Re: Other Foam (no, not fanbois, or even Santorum - too messy)

The problem lies with changes in Java as far as I can tel. It's not apples fault. You could just upgrade I suppose. Is that so difficult?

1
2
Anonymous Coward

Re: Other Foam (no, not fanbois, or even Santorum - too messy)

It's a free upgrade to 10.6.8.

Regarding the App Store 'infection', I'm not entirely sure what your problem is. Yeah it's installed, but you don't have to register and you don't have to use it. You can even drag out of the dock ad delete it from your HD if you're that bothered about it.

Your Mac will still work.

2
1
Facepalm

Re: Other Foam (no, not fanbois, or even Santorum - too messy)

You're refusing to update to the latest patch release (still using 10.6.5 instead of 10.6.8) and yet you're complaining about not being able to use a java fix?

5
1
Anonymous Coward

@bart

That's the problem with Apple. If they followed Google's Android example no one would need to care about updates only working on some versions of the OS.

2
0
Anonymous Coward

Re: Other Foam (no, not fanbois, or even Santorum - too messy)

Not sure how it all works in the Mac world, but I remember that I used to get quite annoyed by not being able to just download patches. If a security update included an extra application, it's not a security update in my books and the supplier can just poke it - I was at the 'angry young man' stage of my life at the time. If I need a patch for something like a browser, I wouldn't want some Yahoo! application being loaded on just because it came with the patch, sorry 'update'. And the supplier should be able to seperate out the security stuff from the functionality stuff so a decision can be made before the install as to whether the extra piece of software is installed in the first place, not have it installed by default.

Having said that, I would rather go through the pain of removing stuff that's not required than exposing an unpatched machine to the network. Not that I've had to do that for a long, long time, thankfully. MikeOS FTW.

0
0
Bronze badge
Alien

Re: Other Foam (no, not fanbois, or even Santorum - too messy)

> Too bad the fix is only for 10.6.8 & up. Can’t be applied to my incredibly old 10.6.5

And the upgrade to 10.6.8 from 10.6.5 is free. Why not apply it? Does it take away any features you use?

2
0

Re: Other Foam (no, not fanbois, or even Santorum - too messy)

Sorry, but what's stopping you from updating to 10.6.8? Genuine question.

0
0
Anonymous Coward

Re: Other Foam (no, not fanbois, or even Santorum - too messy)

Tw*t.

I expect you are running XP SP2 as well.

0
0
Anonymous Coward

Re: Other Foam (no, not fanbois, or even Santorum - too messy)

"I expect you are running XP SP2 as well."

So, you're saying Apple's 1.6.5 of 2010 is equivalent to XP SP2 of 2004?

0
1
Silver badge
Trollface

Re: where are the mouth foaming fanbois?

Holding their fire waiting for the mouth foaming anti-fanbois obviously.

0
0
Anonymous Coward

Re: Other Foam (no, not fanbois, or even Santorum - too messy)

No, but it is a dangerous unpatchable version of the previous mainstream Windows OS (No I don't include Vista as a mainstream OS...), that you would not expect to use on the Internet.

0
0
FAIL

Re: Other Foam (no, not fanbois, or even Santorum - too messy)

Right it's not Apples fault even though Microsoft fixed this known vulnerability six weeks before Apple did. Be careful you don't trip over your untied fanboyism

0
0
Anonymous Coward

Don't care

Java is not installed on my macs...

3
0
Silver badge
Unhappy

Re: Don't care

Wish I could get rid of the malware enabler myself but alas I need it for my dnla server PS3 Media Server.

0
0
Bronze badge
Boffin

Re: Don't care

> Java is not installed on my macs...

I wish I can say that, but for some reason LibreOffice requires it.

1
0

Re: Don't care

If only...

But Adobe Creative Suite demands it too. Personally I have no use for it, but the other half uses it for work. Thus we have to have Java installed.

0
0
Anonymous Coward

First Steps On The Pathway To Nirvana

OS X never ships with Java installed anymore.

If you are one of the unfortunate souls tricked by Satan and ended up in eternal purgatory there is still hope for the redemption of your immortal soul:

The steps are as follows:

1. Check for Java Installation using your almighty holy Bash Terminal:

sudo /usr/libexec/java_home -xml (an output with two JVM dictionaries confirms that Java is installed)

2. Run the demon spawns uninstaller:

sudo /usr/libexec/java_home –uninstall

3. Remove the demon spawns JVM installation location:

sudo rm -rf /System/Library/Java

4. Run command from step 1 again (an output starting with "Unable to find any JVMs matching version" confirms that Java is no longer installed.

5. Say 10,000 hail marys and you might be able to be let out of purgatory.

... that is all

2
3
Silver badge
WTF?

Re: First Steps On The Pathway To Nirvana

Or you could disable Java in the browser preferences...

0
1
Anonymous Coward

Mac botnet

Some Russian security firm reckons they have found a botnet of Macs, established using the Flashback trojan:

http://news.drweb.com/?i=2341&c=5&lng=en&p=0

I thought that Macs (unlike Windows systems) were inherently safe and secure and that fruity followers need not worry about such things.

0
0
Gold badge
Coat

Re: Mac botnet

Hmm, maybe the fanbois are going to have to eat crow over their pooh-poohing of the old "security through obscurity" tag....

1
0
This topic is closed for new posts.