How to make my mac Flashback proof?

[dacoolest]

This came to my mind when I saw a flash update notification few minutes ago. How do I make sure that my Mac is not having the recently appeared torrents and its new variants? And, how can I make sure that it would not get its new versions of the trojan in the future (if they release any more variants)?

I know that a bit of common sense is enough to avoid damages by not giving permission to make system wide changes to the trojan. But it would be nice if we can make sure that the chances for it to get into my mac is minimized as much as possible (not by keeping the mac turned off 24/7, but by doing necessary configurations while having the ability to browse comfortably and minimizing the chances of getting infected).

Lets assume that my Java is enabled at all the places, including settings in Safari as well as the Java Preferences application.

Please explain all the necessary changes that should be done to disable java as necessary.

And any other tips that would enhance the online security would be appreciated.

I use Lion, MBP late 2011. I have installed all updates.

Thanks in advance.

 

[simsaladimbamba]

Have you read this yet?

To learn more about malware in Mac OS X and what steps can be taken to protect yourself, read the following F.A.Q.:

Mac Virus/Malware Info by GGJstudios​

 

[dacoolest]

Have you read this yet?

To learn more about malware in Mac OS X and what steps can be taken to protect yourself, read the following F.A.Q.:

Mac Virus/Malware Info by GGJstudios​

Did not read all the threads in the forum. I wanted quick guidance as I was confused whether I should proceed with the update notification I just received or should I not. Thanks for the reply.

 

[simsaladimbamba]

Did not read all the threads in the forum. I wanted quick guidance as I was confused whether I should proceed with the update notification I just received or should I not. Thanks for the reply.

It is a guide/FAQ with a section called "What security steps should I take?" and a section about the Flashback trojan.

 

[maflynn]

Keep OSX current, apple has updated OSX so to remove this exploit. In a sense now your Mac should be flashback proof.

Performing safe computing habits, like knowing what you're installing, regardless if it prompts for a password is your best bet for most malware.

 

[miles01110]

Go to the Adobe website, download the installer, and update manually if you don't trust a popup.

 

[dacoolest]

Thanks for all replies. What difference would that make if I disable java from Java Preferences application instead from the browser settings?

 

[Mal]

Go to the Adobe website, download the installer, and update manually if you don't trust a popup.

Actually, I'd remove the word if there. Don't ever just trust a popup asking to update Flash. I'd always go to the Adobe website, and download it directly from there. Never know when the fakes will get good enough to fool me.

jW

 

[satcomer]

I say open a free Home OpenDNS account and participate in the bad web site reporting. Here is an instructional video to show you how to control your family's DNS and keep them away from bad web sites according to your own discretion.

OpenDNS even had a blog post Flashback: Much ado about something. It's worth a read.

 

[GGJstudios]

Thanks for all replies. What difference would that make if I disable java from Java Preferences application instead from the browser settings?

You don't need to disable Java in Java Preferences, only in your browser. Read the Mac Virus/Malware FAQ that simsaladimbamba posted, specifically the section "What security steps should I take?". If you do those things, you will be completely protected from all Mac OS X malware that has ever been found in the wild.