Monday, April 02, 2012

Mac Flashback trojan exploits unpatched Java vulnerability

Mac Flashback trojan exploits unpatched Java vulnerability, no password needed "Developers behind the Flashback trojan for the Mac have updated it to exploit a vulnerability in the Java software framework that has yet to be patched for machines running Mac OS X, an antivirus firm warned on Monday."

F-Secure has recently joined others in counseling Mac users to disable Java on machines that don't regularly use it. The antivirus provider also has provided instructions for checking if your Mac is infected.

Those instructions offer some technical description but boil down to open Terminal and run these two commands:

defaults read /Applications/%browser%.app/Contents/Info LSEnvironment
defaults read ~/.MacOSX/environment DYLD_INSERT_LIBRARIES


For both you should get a result of "The domain/default pair of (...STUFF...) does not exist", if you don't check the page for details.

No comments: