Apple plugs Java hole after Flashback Trojan intrusion Apple released a security update for OS X Java on Tuesday, plugging a security vulnerability exploited by the latest Flashback Trojan. The latest variant of the Mac-specific malware appeared on Monday and targeted a vulnerability in Java (CVE-2012-0507) which was patched on Windows machines more than six weeks ago. Apple's …
Too bad the fix is only for 10.6.8 & up. Can’t be applied to my incredibly old 10.6.5 (released 1 yr., 4 mos. ago . . .)
I’m sure the reason for this is that it’s far to expensive for Apple to extend the fix to cover at least 2 years of OS, not that Apple is trying to corral users into their walled garden (10.6.6 & up infects Macs with the “app store.”)
Apple only has the best in mind for their customers. Don’t they?
All your phone/pad/app/os/book/music/movie are belong to us.
It's a free upgrade to 10.6.8.
Regarding the App Store 'infection', I'm not entirely sure what your problem is. Yeah it's installed, but you don't have to register and you don't have to use it. You can even drag out of the dock ad delete it from your HD if you're that bothered about it.
Your Mac will still work.
Not sure how it all works in the Mac world, but I remember that I used to get quite annoyed by not being able to just download patches. If a security update included an extra application, it's not a security update in my books and the supplier can just poke it - I was at the 'angry young man' stage of my life at the time. If I need a patch for something like a browser, I wouldn't want some Yahoo! application being loaded on just because it came with the patch, sorry 'update'. And the supplier should be able to seperate out the security stuff from the functionality stuff so a decision can be made before the install as to whether the extra piece of software is installed in the first place, not have it installed by default.
Having said that, I would rather go through the pain of removing stuff that's not required than exposing an unpatched machine to the network. Not that I've had to do that for a long, long time, thankfully. MikeOS FTW.
OS X never ships with Java installed anymore.
If you are one of the unfortunate souls tricked by Satan and ended up in eternal purgatory there is still hope for the redemption of your immortal soul:
The steps are as follows:
1. Check for Java Installation using your almighty holy Bash Terminal:
sudo /usr/libexec/java_home -xml (an output with two JVM dictionaries confirms that Java is installed)
2. Run the demon spawns uninstaller:
sudo /usr/libexec/java_home –uninstall
3. Remove the demon spawns JVM installation location:
sudo rm -rf /System/Library/Java
4. Run command from step 1 again (an output starting with "Unable to find any JVMs matching version" confirms that Java is no longer installed.
5. Say 10,000 hail marys and you might be able to be let out of purgatory.
... that is all
Some Russian security firm reckons they have found a botnet of Macs, established using the Flashback trojan:
http://news.drweb.com/?i=2341&c=5&lng=en&p=0
I thought that Macs (unlike Windows systems) were inherently safe and secure and that fruity followers need not worry about such things.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
