I love how these "professionals" are calling it a virus
This was my first thought. PC users will be all over this until they realize it was falsely reported as a virus, again.
Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
Apple Releases Second Update to Java in Two Days
- Thread starter MacRumors
- Start date
- Sort by reaction score
This was my first thought. PC users will be all over this until they realize it was falsely reported as a virus, again.
Since when is The Drudge Report a reputable source of news relating to Apple? (Or reputable news relating to anything??)
Hey if it's broken fix it.
Go to PC sites and its the end of the world and cats and dogs are falling from the sky when it comes to that lame trojan horse flash/java that came out in the news.
Did not even blink worrying about it.
----------
I went back to the main page after reading the article about 600K Macs being infected. Wow, Apple's upped their game here against this kind of thing.
It cares what did you expect?
----------
How do I tell if I have it?
Right now the easiest way to tell if your computer has been infected is to run some commands in Terminal, a piece of software you'll find in the Utilities folder in your Mac's Applications folder. If you want to find it without digging, just do a Spotlight search for "Terminal."
Once there, copy and paste each one of the code strings below into the terminal window. The command will run automatically:
defaults read /Applications/Safari.app/Contents/Info LSEnvironment
defaults read /Applications/Firefox.app/Contents/Info LSEnvironment
defaults read ~/.MacOSX/environment DYLD_INSERT_LIBRARIES
If your system is clean, the commands will tell you that those domain/default pairs "does not exist." If you're infected, it will spit up the patch for where that malware has installed itself on your system.
----------
I see a few PC
users did not like your comment ROFL.Over blown
Seriously, I think the media is infected with this news more than Mac's are actually infected with this malware. I have yet to come across someone who actually has this...
Isn't the source of the news the creator of the malware? I cast doubt on the 600,000 number....
Seriously, I think the media is infected with this news more than Mac's are actually infected with this malware. I have yet to come across someone who actually has this...
Isn't the source of the news the creator of the malware? I cast doubt on the 600,000 number....
I'm just glad I stay up to date on my updates.......Make the right decision people when Click on the Ok button, and you wouldn't have to worry about any malware. Also the Media is making this bigger that what it really is. Oh wait is it because it's a Mac?? That's right in Windows it's old news to get infected.
This is not necessary true when it comes to trojans.
The act of clicking anything on the window deploys it.
It's best to kill the task then click anything suspicious.
trojan releases, Apple protects against it about 4 hours later. On Windows I would have to use a 3rd party software and it would have a 50% chance of being fixed within 2 weeks.
Just another reason why I am so thankful I converted to mac 7 years ago
Just another reason why I am so thankful I converted to mac 7 years ago
Most Windows users could careless what happens to Apple computers unless an Apple user has been bragging/taunting a Windows user that their computer is impenetrable to viruses and trojans.
This of course would require some payback.
I haven't seen any major news media reporting this issue on TV, local or national.
I'd say a considerable number of folks just decide to buy apple products as they see them as the most expensive therefore they must be the best in performance/fashion which is not always the case. Others will have parents who are willing to buy their children apple products. That doesn't make the product owner highly educated; you'll find many people just buy what others are buying regardless of the products comparitive features to other products.
Gatekeeper is amazing. This might actually be the end of viruses/malware.
Imagine you need a certificate to run on OS X. Anyone can get this certificate so for a developer, it's no more work than clicking a few buttons. But it allows Apple to have a kill switch on all the stuff you've written; if you're a baddie, your code just won't run on OSX.
Some will slip through the net but creating a botnet of significant size in such a system is going to be impossible.
A virus could get into your system using a zero day exploit and disabling Gatekeeper. But once it's detected, it won't get into any other systems, so the disease is instantly contained to those that already have it. Quarantine!
Imagine you need a certificate to run on OS X. Anyone can get this certificate so for a developer, it's no more work than clicking a few buttons. But it allows Apple to have a kill switch on all the stuff you've written; if you're a baddie, your code just won't run on OSX.
Some will slip through the net but creating a botnet of significant size in such a system is going to be impossible.
A virus could get into your system using a zero day exploit and disabling Gatekeeper. But once it's detected, it won't get into any other systems, so the disease is instantly contained to those that already have it. Quarantine!
trojan releases, Apple protects against it about 4 hours later. On Windows I would have to use a 3rd party software and it would have a 50% chance of being fixed within 2 weeks.
Just another reason why I am so thankful I converted to mac 7 years ago
Not so, Your Highness -- or at least not so in the way you're thinking. The vulnerability has been known -- and unpatched by Apple -- for months.
The thief's just appeared, but the door's been standing open for a long time.
MarkMS, I just wanted to say thank you for your help. I did as you suggested and my computer was clean. I have never used the terminal before. Thank you.
Larry Campbell
Larry Campbell
Crap Software
Yeah, Steve Jobs hated Java and Flash because they're both a house of cards. He would have preferred not to have either one on OS X for this very reason. Maybe he thought if Apple ignored them they would just go away. They are still around and causing more trouble than ever. Apple never has updated Java on a timely basis. Now there's a reason to do so. I think they'll stay on top of it from now on. One thing that is irritating is surfing the web with iOS and hitting a site that is Flash only. Oh well...Life goes on.
Yeah, Steve Jobs hated Java and Flash because they're both a house of cards. He would have preferred not to have either one on OS X for this very reason. Maybe he thought if Apple ignored them they would just go away. They are still around and causing more trouble than ever. Apple never has updated Java on a timely basis. Now there's a reason to do so. I think they'll stay on top of it from now on. One thing that is irritating is surfing the web with iOS and hitting a site that is Flash only. Oh well...Life goes on.
No, the source is not the creator of the malware. It was uncovered By Dr Web, a Russian anti- virus firm.
I was doubtful of the number too, but it has been confirmed by Kaspersky.
Second source confirms: 1 in 100 Macs affected.
I have no idea why so many people are patting Apple on the back for their 'timely' response. This vulnerability has been known about for months. They rushed out a patch when it hit the news, days after the damage had been done. A pretty poor show in my opinion.
Last edited:
Remove Java
Chances are, you dont need Java at all on your Mac. Heres how to get rid of it: http://reviews.cnet.com/8301-13727_7-57408841-263/how-to-check-for-and-disable-java-in-os-x/
Chances are, you dont need Java at all on your Mac. Heres how to get rid of it: http://reviews.cnet.com/8301-13727_7-57408841-263/how-to-check-for-and-disable-java-in-os-x/
How was Apple meant to know about it before it was used for bad stuff. If Apple could know about these risks they would have a flawless operating system from the get go. Think about that for a minute.
Here is a new report which finds that a secondary source, Kaspersky Labs, has also verified the 600,000+ figure of Macs infected with this trojan. They did testing to confirm Dr. Web's initial reporting of the trojan's number of infected Macs. Very interesting. They say 1% of Macs are infected with this trojan.
http://www.zdnet.com/blog/bott/second-source-confirms-1-in-100-macs-are-infected-by-flashback/4737?
http://www.zdnet.com/blog/bott/second-source-confirms-1-in-100-macs-are-infected-by-flashback/4737?
Apple was "meant to know about it before it was used for bad stuff" because (a) the vulnerability was widely known, and (b) had been patched in other Java distributions. This happened many weeks before Apple made its (very belated) move.
I'd say you're the one needing to think about it for a minute. I don't think you have a good grasp of what vulnerabilities are, how they're found, what's to be done about them, and how they're exploited.
even so, if all companies went by what you are saying virus definition wouldn't even be in the dictionary because there would be no holes to exploit.
What about some bug fixes, Apple?
It's nice that they're releasing security fixes. But how about some bug fixes? The JVM on MacOS X locks up at the drop of a hat, and there are seriously missing features, like Java3D is badly broken. And Java 7 is coming very slowly.
It's nice that they're releasing security fixes. But how about some bug fixes? The JVM on MacOS X locks up at the drop of a hat, and there are seriously missing features, like Java3D is badly broken. And Java 7 is coming very slowly.