Apple has released two specific Java updates to stop the Flashback Mac malware and announced it is working on a software tool to remove existing infections but the company continues to be attacked by security experts for its complacency.
Apple attacked by Kaspersky over Flashback
The first versions of this type of threat were detected in September 2011. The infected computers have been combined in a botnet, which enables cybercriminals to install additional malicious modules on them at will.
How to check if your Mac is Flashback infected
Anti-virus giant Kaspersky Lab, which makes both Windows and Mac security software, today criticised the speed of Apple’s response to the three-month-old Flashback security breach.
“The three-month delay in sending a security update was a bad decision on Apple’s part,” said Alexander Gostev, Kaspersky’s chief security expert.
The breach in Java attacked by Flashback was quickly patched in Windows by Java creator Oracle.
However, Apple continues to control the distribution of Mac OS X software updates for OS X, and didn’t act so quickly.
Apple's new Flashback killer tool
“Apple doesn't allow Oracle to patch Java for Mac. They do it themselves, usually several months later,” said Mr Gostev.
“This means the window of exposure for Mac users is much longer than PC users. This is especially bad news since Apple’s standard anti-virus update is a rudimentary affair which only adds new signatures when a threat is deemed large enough.”
“Apple knew about this Java vulnerability for three months, and yet neglected to push through an update in all that time!”
As we reported yesterday, on order to make it easier for average users to check whether their computers are infected, Kaspersky Lab launched a website on Monday where people can input their systems' unique hardware identifiers (UUIDs) to see if they are among the almost 700,000 Macs known to be infected with Flashback so far.
Kaspersky also released a stand-alone removal tool for the Flashback malware, which Mac owners can download and use for free. However, it's probably a good idea to install a full-featured antivirus program after running this tool in order to prevent future infections.
Comments
Maccyroo said: Kaspersky should maybe get their own house in order before they start being critical of othersI have been up to now very impressed by their security products for Windows That is until my KIS 2012 flagged an innocent process i knew was safe and refused to let me override believing it was Trojan It was actually the innocent auto-update feature of WinstepNexus the popular docking utility for WindowsI contacted Kaspersky support for the first time everafter using their security software for nearly four years AsI was areporting afalse positive which allows them to improve their detection algorithm I expected a good level of supportHowever after filling out the web form on their support site i hit the first snag They wanted the program that caused the false positive uploaded to their technicians Unfortunately they have a files size limit of only 5MB and even zipped the applications installer was nearly 25MBI was dealing as you would expect with reporting a false positive with a person in their programming supportThe guy told me that they needed the file and that I could upload it to their FTP site Unfortunately as a programmer he obviouslyfelt he was too important to give methe details on how to do thisDespite the fact that we had already swapped several emails on this particularmatter and he knew all the details I was told that I had to contact their technical support to get instructions to upload to their FTP site I asked why he couldnt just email the instructions and he said he was too busy to do this and it wasnt his jobHe said I would have to raise a completely new supportrequest and start from scratch another area of their support They would then pass me the instructions for the FTP upload and then I would have to raise another new request with his dept to get the matter of the false positive sorted as apparently that was his departmentIs this political correctness gone mad I dont think so at all It was obvious by the guys attitude that he felt it beneath his station as a programmer to email me instructions on how to upload via FTP or even pass on an internal request to another department to do itI am not at all impressed particularly as their software should have allowed me to override and didnt And it was their support sites limitation of only accepting files up to 5MB and they insisted they needed the file Crazy