Apple takes novel approach to killing Flashback Trojan on Mac OS X 10.7 and 10.6

News

Apple takes novel approach to killing Flashback Trojan on Mac OS X 10.7 and 10.6

Warwick Ashford

Apple has released a new version of Java for Mac OS X 10.7 and 10.6 to tackle the Flashback Trojan believed to have infected more than 600,000 Macs.

The Trojan exploits a vulnerability in Java to steal personal information and hijacks the infected Mac to become part of a remotely controlled botnet.

Qualys chief technology officer Wolfgang Kandek said the new version of Java is innovative because it does not fix any vulnerabilities, but instead addresses two of the current Java Mac landscape problems.

First, it erases the known variants of the Flashback Trojan.

Second, it automatically disables Java when it has not been used for 35 days. Users have to then re-enable it manually in Java Preferences when they need it.

"This is exciting and to my knowledge nobody has done something like this before. It makes total sense to me," Wolfgang Kandek wrote in a blog post.

"We have been telling users to disable or uninstall Java if they do not need it, but we know very well that only very security-conscious users will do so," Kandek said.

"Given the task of monitoring Java use to the computer itself is a great idea and it will be interesting to see how user acceptance will work out."

Apple has been criticised for its slow response to the Flashback Trojan. Security firm Kaspersky Labs said Apple had issued patches to prevent the malware's installation eight weeks after Java's developer Oracle issued a fix for other computer systems.

However, Kaspersky has been forced to recall its own Trojan-removal tool after it affected some user settings, according to the BBC.

Kaspersky said its tool was removing settings on the computers it was being installed on and promised to offer a replacement shortly.


Email Alerts

Register now to receive ComputerWeekly.com IT-related news, guides and more, delivered to your inbox.
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
 

COMMENTS powered by Disqus  //  Commenting policy