Slashdot Mirror

← Back to Stories (view on slashdot.org)

Apple Updates Java To Include Flashback Removal

Posted by samzenpus on from the protect-ya-neck dept.

Fluffeh writes "In the third update to Java that Apple has released this week, the update now identifies and removes the most common variants of the Flashback malware that has infected over half a million Apple machines. 'This Java security update removes the most common variants of the Flashback malware,' Apple wrote in the support document for the update. 'This update also configures the Java web plug-in to disable the automatic execution of Java applets. Users may re-enable automatic execution of Java applets using the Java Preferences application. If the Java web plug-in detects that no applets have been run for an extended period of time it will again disable Java applets.'"

3 of 121 comments (clear)

  1. Re:No way! by Kenja · · Score: 5, Informative

    Macs don't get viruses!

    Almost no computer gets viruses anymore. Trojans & malware on the other hand...

    --

    "Have you ever thought about just turning off the TV, sitting down with your kids, and hitting them?"
  2. Re:immature=no java by BasilBrush · · Score: 5, Informative

    What, you mean a new feature? Wikipedia is your friend, there's a long list of new features for every major OSX version.
    e.g.
    http://en.wikipedia.org/wiki/Osx_lion

  3. Re:immature=no java by cbhacking · · Score: 5, Informative

    As of 2010, Adobe Reader was kicking Preview's ass on security. No, that's not a joke. Nor is it fanboyism; I don't use either one. It's just a plain and simple fact. The probable reason? Adobe, like Microsoft, has had many years of being a high-profile target, and has put a lot of effort into finding and fixing security bugs. Apple, quite frankly, has not.

    http://net-security.org/secworld.php?id=9725
    Watch the second video, and jump ahead to 8:57 (almost the end) if you want a simple comparison.

    For the lazy, here's the basic facts: Preview had from the same set of 1400 PDFs downloaded from the web, run through a mutational fuzzer to produce 2.8 million test files. Preview had 7 times as many unique crashes as Adobe Reader, and at least 3 times (more realistically, probably 10 times; at worst, 20 times) as many exploitable bugs.

    When a guy like Charlie Miller (very well-respected security researcher) can find 7 security bugs in Apple's code for each one he finds in Adobe's (using the exact same test cases), Apple has a serious security problem.

    --
    There's no place I could be, since I've found Serenity...