Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]


Groups > comp.sys.mac.apps > #8899 > unrolled thread

Is there a Flashback protection/fix for Mac OS X 10.5.8's vulnerable Java?

Started byANTant@zimage.com (Ant)
First post2012-04-04 19:03 -0500
Last post2012-04-12 09:13 +1200
Articles 9 on this page of 69 — 24 participants

Back to article view | Back to comp.sys.mac.apps


Contents

  Is there a Flashback protection/fix for Mac OS X 10.5.8's vulnerable Java? ANTant@zimage.com (Ant) - 2012-04-04 19:03 -0500
    Re: Is there a Flashback protection/fix for Mac OS X 10.5.8's vulnerable Java? Michael Vilain <vilain@NOspamcop.net> - 2012-04-04 19:54 -0700
      Re: Is there a Flashback protection/fix for Mac OS X 10.5.8's vulnerable Java? Malcolm <malcolm@invalid> - 2012-04-04 23:33 -0400
        Re: Is there a Flashback protection/fix for Mac OS X 10.5.8's vulnerable Java? Ant <ant@zimage.comANT> - 2012-04-05 00:38 -0700
          Re: Is there a Flashback protection/fix for Mac OS X 10.5.8's vulnerable Java? SY <205sk@accessforall.invalid> - 2012-04-05 16:35 +0200
            Re: Is there a Flashback protection/fix for Mac OS X 10.5.8's vulnerable Java? Michael Vilain <vilain@NOspamcop.net> - 2012-04-05 12:19 -0700
              Re: Is there a Flashback protection/fix for Mac OS X 10.5.8's vulnerable Java? Michael Vilain <vilain@NOspamcop.net> - 2012-04-05 13:40 -0700
                Re: Is there a Flashback protection/fix for Mac OS X 10.5.8's vulnerable Java? Michael Vilain <vilain@NOspamcop.net> - 2012-04-05 13:52 -0700
                Re: Is there a Flashback protection/fix for Mac OS X 10.5.8's vulnerable Java? Bread <BreadWithSpam@Fractious.net> - 2012-04-11 15:22 -0700
                  Re: Is there a Flashback protection/fix for Mac OS X 10.5.8's vulnerable Java? Paul Sture <paul@sture.ch> - 2012-04-12 19:10 +0200
                    Re: Is there a Flashback protection/fix for Mac OS X 10.5.8's vulnerable Java? Calum <com.gmail@nospam.scottishwildcat> - 2012-04-13 01:55 +0100
                      Re: Is there a Flashback protection/fix for Mac OS X 10.5.8's vulnerable Java? dempson@actrix.gen.nz (David Empson) - 2012-04-13 13:51 +1200
                        Re: Is there a Flashback protection/fix for Mac OS X 10.5.8's vulnerable Java? nospam <nospam@nospam.invalid> - 2012-04-12 23:52 -0400
                          Re: Is there a Flashback protection/fix for Mac OS X 10.5.8's vulnerable Java? Ant <ant@zimage.comANT> - 2012-04-12 21:31 -0700
                          Re: Is there a Flashback protection/fix for Mac OS X 10.5.8's vulnerable Java? dempson@actrix.gen.nz (David Empson) - 2012-04-13 20:02 +1200
              Re: Is there a Flashback protection/fix for Mac OS X 10.5.8's vulnerable Java? Warren Oates <warren.oates@gmail.com> - 2012-04-06 08:31 -0400
        Re: Is there a Flashback protection/fix for Mac OS X 10.5.8's vulnerable Java? rijk <rijk@blah.invalid> - 2012-04-06 21:20 +0200
      Re: Is there a Flashback protection/fix for Mac OS X 10.5.8's vulnerable Java? nospam <nospam@nospam.invalid> - 2012-04-05 00:06 -0400
        Re: Is there a Flashback protection/fix for Mac OS X 10.5.8's vulnerable Java? Michael Vilain <vilain@NOspamcop.net> - 2012-04-05 00:24 -0700
          Re: Is there a Flashback protection/fix for Mac OS X 10.5.8's vulnerable Java? nospam <nospam@nospam.invalid> - 2012-04-05 16:10 -0400
            Re: Is there a Flashback protection/fix for Mac OS X 10.5.8's vulnerable Java? Michael Vilain <vilain@NOspamcop.net> - 2012-04-05 13:33 -0700
              Re: Is there a Flashback protection/fix for Mac OS X 10.5.8's vulnerable Java? Michael Vilain <vilain@NOspamcop.net> - 2012-04-05 13:51 -0700
                Re: Is there a Flashback protection/fix for Mac OS X 10.5.8's vulnerable Java? *Hemidactylus* <ecphoric@hotmail.com> - 2012-04-05 19:16 -0400
                  Re: Is there a Flashback protection/fix for Mac OS X 10.5.8's vulnerable Java? dempson@actrix.gen.nz (David Empson) - 2012-04-06 14:48 +1200
                    Re: Is there a Flashback protection/fix for Mac OS X 10.5.8's vulnerable Java? *Hemidactylus* <ecphoric@hotmail.com> - 2012-04-05 23:21 -0400
                      Re: Is there a Flashback protection/fix for Mac OS X 10.5.8's vulnerable Java? dempson@actrix.gen.nz (David Empson) - 2012-04-06 18:19 +1200
                        Re: Is there a Flashback protection/fix for Mac OS X 10.5.8's vulnerable Java? Paul Sture <paul@sture.ch> - 2012-04-06 14:09 +0200
                        Re: Is there a Flashback protection/fix for Mac OS X 10.5.8's vulnerable Java? Howard.not@home.com (Howard) - 2012-04-09 18:17 +0100
                          Re: Is there a Flashback protection/fix for Mac OS X 10.5.8's vulnerable Java? PhillipJones <pjones1@kimbanet.com> - 2012-04-09 14:20 -0400
                            Re: Is there a Flashback protection/fix for Mac OS X 10.5.8's vulnerable Java? Howard.not@home.com (Howard) - 2012-04-10 17:46 +0100
                              Re: Is there a Flashback protection/fix for Mac OS X 10.5.8's vulnerable Java? Paul Sture <paul@sture.ch> - 2012-04-11 10:18 +0200
                                Re: Is there a Flashback protection/fix for Mac OS X 10.5.8's vulnerable Java? John McWilliams <jpmcw@comcast.net> - 2012-04-11 15:13 -0700
                    Re: Is there a Flashback protection/fix for Mac OS X 10.5.8's vulnerable Java? Paul Sture <paul@sture.ch> - 2012-04-06 14:01 +0200
                      Re: Is there a Flashback protection/fix for Mac OS X 10.5.8's vulnerable Java? dempson@actrix.gen.nz (David Empson) - 2012-04-07 01:46 +1200
                        Re: Is there a Flashback protection/fix for Mac OS X 10.5.8's vulnerable Java? Fred Moore <fmoore@gcfn.org> - 2012-04-06 12:15 -0400
                          Re: Is there a Flashback protection/fix for Mac OS X 10.5.8's vulnerable Java? Paul Sture <paul@sture.ch> - 2012-04-09 09:11 +0200
                            Re: Is there a Flashback protection/fix for Mac OS X 10.5.8's vulnerable Java? Fred Moore <fmoore@gcfn.org> - 2012-04-09 11:42 -0400
                Re: Is there a Flashback protection/fix for Mac OS X 10.5.8's vulnerable Java? Paul Sture <paul@sture.ch> - 2012-04-06 13:51 +0200
                  Re: Is there a Flashback protection/fix for Mac OS X 10.5.8's vulnerable Java? Ant <ant@zimage.comANT> - 2012-04-06 09:28 -0700
                    Re: Is there a Flashback protection/fix for Mac OS X 10.5.8's vulnerable Java? Paul Sture <paul@sture.ch> - 2012-04-06 21:51 +0200
                      Re: Is there a Flashback protection/fix for Mac OS X 10.5.8's vulnerable Java? Ant <ant@zimage.comANT> - 2012-04-06 16:43 -0700
      Re: Is there a Flashback protection/fix for Mac OS X 10.5.8's vulnerable Java? Wes Groleau <Groleau+news@FreeShell.org> - 2012-04-05 21:27 -0400
        Re: Is there a Flashback protection/fix for Mac OS X 10.5.8's vulnerable Java? Paul Sture <paul@sture.ch> - 2012-04-06 14:19 +0200
          Re: Is there a Flashback protection/fix for Mac OS X 10.5.8's vulnerable Java? Ant <ant@zimage.comANT> - 2012-04-06 09:29 -0700
            Re: Is there a Flashback protection/fix for Mac OS X 10.5.8's vulnerable Java? Michael Vilain <vilain@NOspamcop.net> - 2012-04-06 12:22 -0700
              Re: Is there a Flashback protection/fix for Mac OS X 10.5.8's vulnerable Java? nospam <nospam@nospam.invalid> - 2012-04-06 17:40 -0400
        Re: Is there a Flashback protection/fix for Mac OS X 10.5.8's vulnerable Java? Fred Moore <fmoore@gcfn.org> - 2012-04-06 12:11 -0400
    Re: Is there a Flashback protection/fix for Mac OS X 10.5.8's vulnerable Java? Paul Sture <paul@sture.ch> - 2012-04-05 10:01 +0200
      Re: Is there a Flashback protection/fix for Mac OS X 10.5.8's vulnerable Java? Ant <ant@zimage.comANT> - 2012-04-05 01:55 -0700
        Re: Is there a Flashback protection/fix for Mac OS X 10.5.8's vulnerable Java? Paul Sture <paul@sture.ch> - 2012-04-05 11:40 +0200
          Re: Is there a Flashback protection/fix for Mac OS X 10.5.8's vulnerable Java? Ant <ant@zimage.comANT> - 2012-04-06 09:30 -0700
            Re: Is there a Flashback protection/fix for Mac OS X 10.5.8's vulnerable Java? Dave Allen <kneeljung@gmail.com> - 2012-04-06 19:03 -0500
              Re: Is there a Flashback protection/fix for Mac OS X 10.5.8's vulnerable Java? dempson@actrix.gen.nz (David Empson) - 2012-04-07 12:48 +1200
                Re: Is there a Flashback protection/fix for Mac OS X 10.5.8's vulnerable Java? Dave Allen <kneeljung@gmail.com> - 2012-04-07 13:56 -0500
              Re: Is there a Flashback protection/fix for Mac OS X 10.5.8's vulnerable Java? Ant <ant@zimage.comANT> - 2012-04-07 09:53 -0700
                Re: Is there a Flashback protection/fix for Mac OS X 10.5.8's vulnerable Java? SY <205sk@accessforall.invalid> - 2012-04-07 19:01 +0200
                  Re: Is there a Flashback protection/fix for Mac OS X 10.5.8's vulnerable Java? Alan Browne <alan.browne@FreelunchVideotron.ca> - 2012-04-07 14:10 -0400
              Re: Is there a Flashback protection/fix for Mac OS X 10.5.8's vulnerable Java? Ant <ant@zimage.comANT> - 2012-04-21 13:18 -0700
      Re: Is there a Flashback protection/fix for Mac OS X 10.5.8's vulnerable Java? Warren Oates <warren.oates@gmail.com> - 2012-04-05 08:20 -0400
      Re: Is there a Flashback protection/fix for Mac OS X 10.5.8's vulnerable Java? George Kerby <ghost_topper@hotmail.com> - 2012-04-05 08:38 -0500
        Re: Is there a Flashback protection/fix for Mac OS X 10.5.8's vulnerable Java? Jolly Roger <jollyroger@pobox.com> - 2012-04-05 15:51 -0700
          Re: Is there a Flashback protection/fix for Mac OS X 10.5.8's vulnerable Java? George Kerby <ghost_topper@hotmail.com> - 2012-04-05 18:49 -0500
            Re: Is there a Flashback protection/fix for Mac OS X 10.5.8's vulnerable Java? Jolly Roger <jollyroger@pobox.com> - 2012-04-05 16:54 -0700
        Re: Is there a Flashback protection/fix for Mac OS X 10.5.8's vulnerable Java? Paul Sture <paul@sture.ch> - 2012-04-08 13:38 +0200
          Re: Is there a Flashback protection/fix for Mac OS X 10.5.8's vulnerable Java? J.J. O'Shea <try.not.to@but.see.sig> - 2012-04-09 14:03 -0400
      Re: Is there a Flashback protection/fix for Mac OS X 10.5.8's vulnerable Java? *Hemidactylus* <ecphoric@hotmail.com> - 2012-04-05 19:10 -0400
    Re: Is there a Flashback protection/fix for Mac OS X 10.5.8's vulnerable Java? J.J. O'Shea <try.not.to@but.see.sig> - 2012-04-09 14:00 -0400
      Re: Is there a Flashback protection/fix for Mac OS X 10.5.8's vulnerable Java? Paul Sture <paul@sture.ch> - 2012-04-11 10:37 +0200
        Re: Is there a Flashback protection/fix for Mac OS X 10.5.8's vulnerable Java? HelpfulHarry@BusyWorking.com (Helpful Harry) - 2012-04-12 09:13 +1200

Page 4 of 4 — ← Prev page 1 2 3 [4]


#8947

FromJolly Roger <jollyroger@pobox.com>
Date2012-04-05 15:51 -0700
Message-ID<jollyroger-B019D8.15510505042012@news.individual.net>
In reply to#8919
In article <CBA30A70.84DDD%ghost_topper@hotmail.com>,
 George Kerby <ghost_topper@hotmail.com> wrote:

> On 4/5/12 3:01 AM, in article m30059-u5g.ln1@news.sture.ch, "Paul Sture"
> <paul@sture.ch> wrote:
> 
> > To summarize, if both these Terminal commands give the "does not exist"
> > error, you don't have this particular nasty (at least in its current
> > form):
> 
> Gizmodo confirms that:
> 
> <http://gizmodo.com/5899352/mac-flashback-trojan-find-out-if-youre-one-of-th
> e-600000-infected>

I stopped reading Gizmodo after he held the iPhone prototype hostage and 
then blamed Apple for wanting it back. ; )

-- 
Send responses to the relevant news group rather than email to me.
E-mail sent to this address may be devoured by my very hungry SPAM
filter. Due to Google's refusal to prevent spammers from posting
messages through their servers, I often ignore posts from Google
Groups. Use a real news client if you want me to see your posts.

JR

[toc] | [prev] | [next] | [standalone]


#8957

FromGeorge Kerby <ghost_topper@hotmail.com>
Date2012-04-05 18:49 -0500
Message-ID<CBA399C4.84E35%ghost_topper@hotmail.com>
In reply to#8947


On 4/5/12 5:51 PM, in article
jollyroger-B019D8.15510505042012@news.individual.net, "Jolly Roger"
<jollyroger@pobox.com> wrote:

> In article <CBA30A70.84DDD%ghost_topper@hotmail.com>,
>  George Kerby <ghost_topper@hotmail.com> wrote:
> 
>> On 4/5/12 3:01 AM, in article m30059-u5g.ln1@news.sture.ch, "Paul Sture"
>> <paul@sture.ch> wrote:
>> 
>>> To summarize, if both these Terminal commands give the "does not exist"
>>> error, you don't have this particular nasty (at least in its current
>>> form):
>> 
>> Gizmodo confirms that:
>> 
>> <http://gizmodo.com/5899352/mac-flashback-trojan-find-out-if-youre-one-of-th
>> e-600000-infected>
> 
> I stopped reading Gizmodo after he held the iPhone prototype hostage and
> then blamed Apple for wanting it back. ; )

So THAT was the guy?!?

DAMN!

[toc] | [prev] | [next] | [standalone]


#8958

FromJolly Roger <jollyroger@pobox.com>
Date2012-04-05 16:54 -0700
Message-ID<jollyroger-DA7296.16540305042012@news.individual.net>
In reply to#8957
In article <CBA399C4.84E35%ghost_topper@hotmail.com>,
 George Kerby <ghost_topper@hotmail.com> wrote:

> On 4/5/12 5:51 PM, in article
> jollyroger-B019D8.15510505042012@news.individual.net, "Jolly Roger"
> <jollyroger@pobox.com> wrote:
> 
> > In article <CBA30A70.84DDD%ghost_topper@hotmail.com>,
> >  George Kerby <ghost_topper@hotmail.com> wrote:
> > 
> >> On 4/5/12 3:01 AM, in article m30059-u5g.ln1@news.sture.ch, "Paul Sture"
> >> <paul@sture.ch> wrote:
> >> 
> >>> To summarize, if both these Terminal commands give the "does not exist"
> >>> error, you don't have this particular nasty (at least in its current
> >>> form):
> >> 
> >> Gizmodo confirms that:
> >> 
> >> <http://gizmodo.com/5899352/mac-flashback-trojan-find-out-if-youre-one-of-t
> >> h
> >> e-600000-infected>
> > 
> > I stopped reading Gizmodo after he held the iPhone prototype hostage and
> > then blamed Apple for wanting it back. ; )
> 
> So THAT was the guy?!?
> 
> DAMN!

Yup. I read http://www.engadget.com/. Same content, minus the mindless 
Apple hate.

-- 
Send responses to the relevant news group rather than email to me.
E-mail sent to this address may be devoured by my very hungry SPAM
filter. Due to Google's refusal to prevent spammers from posting
messages through their servers, I often ignore posts from Google
Groups. Use a real news client if you want me to see your posts.

JR

[toc] | [prev] | [next] | [standalone]


#9075

FromPaul Sture <paul@sture.ch>
Date2012-04-08 13:38 +0200
Message-ID<3v9859-fm1.ln1@news.sture.ch>
In reply to#8919
On Thu, 05 Apr 2012 08:38:08 -0500, George Kerby wrote:

> On 4/5/12 3:01 AM, in article m30059-u5g.ln1@news.sture.ch, "Paul Sture"
> <paul@sture.ch> wrote:
> 
>> On Wed, 04 Apr 2012 19:03:30 -0500, Ant wrote:
>> 
>>> Hello.
>>> 
>>> I read the recent Flashback trojan with Apple's Java. I have a client
>>> who is still running Mac OS X 10.5.8 and noticed Apple released an
>>> updated Java for Mac OS X 10.6. I assume there is none for unsupported
>>> 10.5.8. Is there a way to remove its Java or protect it without
>>> upgrading the OS?
>>> 
>>> 
>> There are some manual removal instructions here:
>> 
>> <http://www.f-secure.com/v-descs/trojan-
downloader_osx_flashback_i.shtml>
>> 
>> To summarize, if both these Terminal commands give the "does not exist"
>> error, you don't have this particular nasty (at least in its current
>> form):
>> 
>> 
> Gizmodo confirms that:
> 
> <http://gizmodo.com/5899352/mac-flashback-trojan-find-out-if-youre-one-
of-th
> e-600000-infected>

Him yes.  They blindly copied the fix from the F-Secure site, where 
points 2. and 3. are the wrong way round.

Don't any of these folks actually test what they regurgitate?



-- 
Paul Sture

[toc] | [prev] | [next] | [standalone]


#9106

FromJ.J. O'Shea <try.not.to@but.see.sig>
Date2012-04-09 14:03 -0400
Message-ID<jlv8991hv2@news3.newsguy.com>
In reply to#9075
On Sun, 8 Apr 2012 07:38:43 -0400, Paul Sture wrote
(in article <3v9859-fm1.ln1@news.sture.ch>):

> On Thu, 05 Apr 2012 08:38:08 -0500, George Kerby wrote:
> 
>> On 4/5/12 3:01 AM, in article m30059-u5g.ln1@news.sture.ch, "Paul Sture"
>> <paul@sture.ch> wrote:
>> 
>>> On Wed, 04 Apr 2012 19:03:30 -0500, Ant wrote:
>>> 
>>>> Hello.
>>>> 
>>>> I read the recent Flashback trojan with Apple's Java. I have a client
>>>> who is still running Mac OS X 10.5.8 and noticed Apple released an
>>>> updated Java for Mac OS X 10.6. I assume there is none for unsupported
>>>> 10.5.8. Is there a way to remove its Java or protect it without
>>>> upgrading the OS?
>>>> 
>>>> 
>>> There are some manual removal instructions here:
>>> 
>>> <http://www.f-secure.com/v-descs/trojan-
> downloader_osx_flashback_i.shtml>
>>> 
>>> To summarize, if both these Terminal commands give the "does not exist"
>>> error, you don't have this particular nasty (at least in its current
>>> form):
>>> 
>>> 
>> Gizmodo confirms that:
>> 
>> <http://gizmodo.com/5899352/mac-flashback-trojan-find-out-if-youre-one-
> of-th
>> e-600000-infected>
> 
> Him yes.  They blindly copied the fix from the F-Secure site, where 
> points 2. and 3. are the wrong way round.
> 
> Don't any of these folks actually test what they regurgitate?

Nope. They don't even check to see if there's an actual, real, threat. There 
doesn't seem to be one.



-- 
email to oshea dot j dot j at gmail dot com.

[toc] | [prev] | [next] | [standalone]


#8953

From*Hemidactylus* <ecphoric@hotmail.com>
Date2012-04-05 19:10 -0400
Message-ID<y_mdnVzvDdHvu-PSnZ2dnUVZ_gydnZ2d@giganews.com>
In reply to#8910
On 04/05/2012 04:01 AM, Paul Sture wrote:
> On Wed, 04 Apr 2012 19:03:30 -0500, Ant wrote:
>
>> Hello.
>>
>> I read the recent Flashback trojan with Apple's Java. I have a client
>> who is still running Mac OS X 10.5.8 and noticed Apple released an
>> updated Java for Mac OS X 10.6. I assume there is none for unsupported
>> 10.5.8. Is there a way to remove its Java or protect it without
>> upgrading the OS?
>>
>
> There are some manual removal instructions here:
>
> <http://www.f-secure.com/v-descs/trojan-downloader_osx_flashback_i.shtml>
>
> To summarize, if both these Terminal commands give the "does not exist"
> error, you don't have this particular nasty (at least in its current
> form):
>
> defaults read /Applications/Safari.app/Contents/Info LSEnvironment
> defaults read ~/.MacOSX/environment DYLD_INSERT_LIBRARIES
>
> Sample output:
>
> pbook:~paul$ defaults read /Applications/Safari.app/Contents/Info
> LSEnvironment
> 2012-04-05 09:57:39.890 defaults[16703:10b]
> The domain/default pair of (/Applications/Safari.app/Contents/Info,
> LSEnvironment) does not exist
>
> pbook:~paul$ defaults read ~/.MacOSX/environment DYLD_INSERT_LIBRARIES
> 2012-04-05 09:59:10.954 defaults[16710:10b]
> The domain/default pair of (/Users/paul/.MacOSX/environment,
> DYLD_INSERT_LIBRARIES) does not exist
>
>
For fun I ran both commands in my terminal and came up clean. But I have 
Lion.

-- 
*Hemidactylus*

[toc] | [prev] | [next] | [standalone]


#9105

FromJ.J. O'Shea <try.not.to@but.see.sig>
Date2012-04-09 14:00 -0400
Message-ID<jlv84j0hv2@news3.newsguy.com>
In reply to#8899
On Wed, 4 Apr 2012 20:03:30 -0400, Ant wrote
(in article <Xaqdnd_fvMXPfOHSnZ2dnUVZ_s6dnZ2d@earthlink.com>):

> Hello.
> 
> I read the recent Flashback trojan with Apple's Java. I have a client 
> who is still running Mac OS X 10.5.8 and noticed Apple released an 
> updated Java for Mac OS X 10.6. I assume there is none for unsupported 
> 10.5.8. Is there a way to remove its Java or protect it without 
> upgrading the OS?
> 
> Thank you in advance. :)
> 

It seems that the entire Flashback thing is much ado about nothing. See 
<http://www.symantec.com/security_response/writeup.jsp?docid=2011-093016-1216-
99>. If an AV vendor, who by definition has a reason to shout and carry on 
about a 'threat', makes a big deal out of something I usually regard their 
announcements with some suspicion. If, however, an AV vendor, who by 
definition has a reason to shout and carry on about a 'threat', declare that 
a 'threat' is, and I quote, of a 'very low risk level', and that they have 
detected '0-49' cases from '0-2' sites in the time starting 30 Sept 2011 (the 
day they first detected the 'threat') and ending 6 April 2012 (the day that 
the 'threat' assessment was last updated, well, I believe 'em. Symantec 
doesn't think that this is a real threat. Why should you? An AV vendor, 
looking to find something to trumpet so as to get people to buy their 
product, could only find less than 50 infections at one or two sites in _six 
months of looking_. Either they didn't look very hard or there's nothing to 
find.

-- 
email to oshea dot j dot j at gmail dot com.

[toc] | [prev] | [next] | [standalone]


#9144

FromPaul Sture <paul@sture.ch>
Date2012-04-11 10:37 +0200
Message-ID<hfsf59-82h.ln1@news.sture.ch>
In reply to#9105
On Mon, 09 Apr 2012 14:00:51 -0400, J.J. O'Shea wrote:

> On Wed, 4 Apr 2012 20:03:30 -0400, Ant wrote (in article
> <Xaqdnd_fvMXPfOHSnZ2dnUVZ_s6dnZ2d@earthlink.com>):
> 
>> Hello.
>> 
>> I read the recent Flashback trojan with Apple's Java. I have a client
>> who is still running Mac OS X 10.5.8 and noticed Apple released an
>> updated Java for Mac OS X 10.6. I assume there is none for unsupported
>> 10.5.8. Is there a way to remove its Java or protect it without
>> upgrading the OS?
>> 
>> Thank you in advance. :)
>> 
>> 
> It seems that the entire Flashback thing is much ado about nothing. See
> <http://www.symantec.com/security_response/writeup.jsp?
docid=2011-093016-1216-
> 99>. If an AV vendor, who by definition has a reason to shout and carry
> on about a 'threat', makes a big deal out of something I usually regard
> their announcements with some suspicion. If, however, an AV vendor, who
> by definition has a reason to shout and carry on about a 'threat',
> declare that a 'threat' is, and I quote, of a 'very low risk level', and
> that they have detected '0-49' cases from '0-2' sites in the time
> starting 30 Sept 2011 (the day they first detected the 'threat') and
> ending 6 April 2012 (the day that the 'threat' assessment was last
> updated, well, I believe 'em. Symantec doesn't think that this is a real
> threat. Why should you? An AV vendor, looking to find something to
> trumpet so as to get people to buy their product, could only find less
> than 50 infections at one or two sites in _six months of looking_.
> Either they didn't look very hard or there's nothing to find.

Noted.

"Apple to release Flashback removal software, working to take down botnet" 
- Ars Technica

<http://bit.ly/ING3QM>



-- 
Paul Sture

[toc] | [prev] | [next] | [standalone]


#9160

FromHelpfulHarry@BusyWorking.com (Helpful Harry)
Date2012-04-12 09:13 +1200
Message-ID<HelpfulHarry-1204120913340001@203-118-187-219.dsl.dyn.ihug.co.nz>
In reply to#9144
On Mon, 09 Apr 2012 14:00:51 -0400, J.J. O'Shea wrote:
> 
> It seems that the entire Flashback thing is much ado about nothing. See
> <http://www.symantec.com/security_response/writeup.jsp?
docid=2011-093016-1216-
> 99>. If an AV vendor, who by definition has a reason to shout and carry
> on about a 'threat', makes a big deal out of something I usually regard
> their announcements with some suspicion. If, however, an AV vendor, who
> by definition has a reason to shout and carry on about a 'threat',
> declare that a 'threat' is, and I quote, of a 'very low risk level', and
> that they have detected '0-49' cases from '0-2' sites in the time
> starting 30 Sept 2011 (the day they first detected the 'threat') and
> ending 6 April 2012 (the day that the 'threat' assessment was last
> updated, well, I believe 'em. Symantec doesn't think that this is a real
> threat. Why should you? An AV vendor, looking to find something to
> trumpet so as to get people to buy their product, could only find less
> than 50 infections at one or two sites in _six months of looking_.
> Either they didn't look very hard or there's nothing to find.

Yep, that pretty much covers it.

For those two people who do manage to find this "malware" on their
computer (from visiting too many porn and pirate websites), there's now a
couple of FREE applications to remove it
<http://www.macrumors.com/2012/04/11/antivirus-firms-release-free-tools-for-cleaning-macs-infected-by-flashback/>

Kaspersky Lab's version is web-based, and it wouldn't surprise me if that
insists on having Java turned on before it can "remove" the "malware".

Helpful Harry  :o)

[toc] | [prev] | [standalone]


Page 4 of 4 — ← Prev page 1 2 3 [4]

Back to top | Article view | comp.sys.mac.apps


csiph-web