Apple Releases Second Update to Java in Two Days

[pboy2k5]

I noticed the second update fixes the device playback capability between Vuze (torrent software) and iTunes because the first one gave an error message that iTunes was not installed whenever I launched Vuze.

[codo]

Gosh I've been putting off restarting for weeks.... I really had better sort this out!

[kemo]

Quote:

Originally Posted by codo

Gosh I've been putting off restarting for weeks.... I really had better sort this out!

Image

no worries, soon there will be 10.8 released - Id not worry about waiting until that.

[hajime]

Through software update, I got the first update. However, I cannot get the second update. Anybody knows the reason? I am using 10.6.8 Thanks.

[Morod]

Quote:

Originally Posted by hajime

Through software update, I got the first update. However, I cannot get the second update. Anybody knows the reason? I am using 10.6.8 Thanks.

The second update is for Lion. I run SL 10.6.8 and I didn't get the second update, either.

[MonkeySee....]

I love how these "professionals" are calling it a virus

[adamw]

Since I found I was infected with this yesterday and removed it, I was told to download the "Little Snitch" app, which I googled and installed the 3 hour demo of. I thought my system was clean of this trojan, as I followed the F-Secure removal instructions, but it appears this trojan installs other stuff once it gets in (via the Java exploit).

Little Snitch informed me that a file named .rserv (~/.rserv) in my Users directory on my Mac was trying to connect to cuojshtbohtnet.com or .net and several other strange sounding web sites. I denied them doing so and Googled .rserv and another program on my Mac that was doing similar attempts.

Also watch out for a file named: com.adobe.reader.plist in user launch agents directory. It was attempting to contact these same strange websites as .rserv was. I Googled these names and found in the last few days many other Mac users are seeing this same behavior when catching these "buggers" via the "Little Snitch" app.

Again, even though my system showed clean via the F-Secure instructions after I removed the infected files they mention, I believe I still had 2 other infected program files (same file date of March 29th also) related to this trojan that went undetected, and were only found by running this "Little Snitch" app which monitors programs trying to use your outgoing Internet connection.

[widestload]

Quote:

Originally Posted by Morod

To find out if you're infected, do this:


Originally Posted by Sirolway
What's the easiest way to determine if you're infected?...


In terminal run:
Quote:
defaults read /Applications/Safari.app/Contents/Info LSEnvironment
You should get this error:
Quote:
The domain/default pair of (/Applications/Safari.app/Contents/Info, LSEnvironment) does not exist
Then run:
Quote:
defaults read ~/.MacOSX/environment DYLD_INSERT_LIBRARIES
You should get this error:
Quote:
The domain/default pair of (/Users/YOURUSER/.MacOSX/environment, DYLD_INSERT_LIBRARIES) does not exist


You can copy and paste the two commands into Terminal. To open Terminal, go to Finder>Applications>Utilities>Terminal. Double click on Terminal. Hit enter after each command.
Just be careful when using Terminal. It's one of the few places where you can really mess up your computer.

when you say that you should see those responses, does that mean you should see them if you are infected, or that's what you should see if every thing's 'normal' and you're not?

[AustinIllini]

Quote:

Originally Posted by widestload

when you say that you should see those responses, does that mean you should see them if you are infected, or that's what you should see if every thing's 'normal' and you're not?

I believe he is referring to an uninfected machine.

[codo]

Quote:

Originally Posted by kemo

no worries, soon there will be 10.8 released - Id not worry about waiting until that.

All updated in the meantime

Good to see that Apple got a quick fix out for this.

[hajime]

Quote:

Originally Posted by Morod

The second update is for Lion. I run SL 10.6.8 and I didn't get the second update, either.

Thanks.

[DrFreeman]

Quote:

Originally Posted by pboy2k5

I noticed the second update fixes the device playback capability between Vuze (torrent software) and iTunes because the first one gave an error message that iTunes was not installed whenever I launched Vuze.

I was getting an error message in MATLAB as well. It is now gone after this update.

[i.mac]

Quote:

Originally Posted by Westside guy

It's not unknown for a company to patch a patch if they discover the first patch had issues - just off the top of my head I can remember past instances where Microsoft, Apple, Adobe, and Mozilla did that.

Who cares...

----------

Quote:

Originally Posted by Comeagain?

No, just turn Gatekeeper off. Its just there as protection for the uneducated.

I'm an educated person, and I'll turn gatekeeper ON.

I would say that gatekeeper ON is a wise choice for M O S T folks, and most folks who own apple gear are highly educated.

[SPUY767]

Quote:

Originally Posted by Jabman

It's also Friday the 6th right now.

And as of this posting, his post has 6 likes.

[Winter Charm]

Quote:

Originally Posted by HishamAkhtar

So eventually all software will have to be downloaded from the App Store.

Jail-broken Macs? Who would have thought it.

Absolutely wrong.

By default, digitally unsigned apps will not work, but in system pref's there's a toggle that lets you switch. Essentially that toggle lets power users run unsigned apps.

Signed apps will be available from the mac app store AS WELL AS from external downloads.

----------

Quote:

Originally Posted by codo

Gosh I've been putting off restarting for weeks.... I really had better sort this out!

Image

Holy God....

[Moonjumper]

In the thread about the initial Java update, there was a reply that it broke uploading to the Mac App Store. I wonder if this patch is to fix that issue?

[justperry]

Quote:

Originally Posted by adamw

...................

Also watch out for a file named: com.adobe.reader.plist in user launch agents directory....................

I think that file is safe, I deleted it about a week ago when cleaning up My Mac so I can not open it anymore to see what's inside, I did before and it seemed fine with Me but still deleted it.
I don't have .rserv and I checked My whole disk with clamX a few weeks ago, nothing showed up, also checked for the Java exploit and also nothing there.
So, that file seems fine, but delete it if you are not sure.

Quote:

Originally Posted by Moonjumper

In the thread about the initial Java update, there was a reply that it broke uploading to the Mac App Store. I wonder if this patch is to fix that issue?

That fixed it.

[wpugh]

The first update installed

• Java(TM) SE Runtime Environment (build 1.6.0_31-b04-413-11M3623)

The second update installed

• Java(TM) SE Runtime Environment (build 1.6.0_31-b04-414-11M3626)

So there is some change to the actual JVM installed. Don't know what the changes are.

[gianlu72]

IMHO, this second update has nothing to do with Flashback trojan or Java security. It simply fixes this silly bug (see the second answer):

http://stackoverflow.com/questions/5...e-itunes-store

It seems the Application uploader of Xcode uses Java 1.5, and they forgot about it.

[Elevon]

I want a flash update lol

[jeffmic]

They fixed iTunes Producer with the update. It had a java error when uploading with version 001

[King Flamez1]

I haven't gotten either of these updates and I'm running OSX 10.7.3 on my MBP
Should I be worried?

[cjmillsnun]

Quote:

Originally Posted by King Flamez1

I haven't gotten either of these updates and I'm running OSX 10.7.3 on my MBP
Should I be worried?

No I wouldn't be worried. Java isn't installed on Lion by default but is an optional component. If Java isn't installed on your mac then it is safe and there is no need to update.

[Wrathwitch]

For what it's worth, this update isn't just for Lion. I just installed it on my iMac which is running SL.

[longofest]

Quote:

Originally Posted by Michaelgtrusa

Well they are on top of this.

No, they really aren't. If they were, they would have released these patches weeks ago when oracle released them!

----------

Quote:

Originally Posted by macsmurf

Java 6 update 31 for Windows and Linux was released february 27 in reponse to this vulnerability. Apple releases it April 3 - and they apparently still messed it up.

If that's upping their game I'd hate to see their previous game.

I think they took 6 months to get a java vulnerability patched once...