Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]
Groups > comp.sys.mac.system > #23317 > unrolled thread
| Started by | ANTant@zimage.com (Ant) |
|---|---|
| First post | 2012-04-04 19:03 -0500 |
| Last post | 2012-04-12 09:13 +1200 |
| Articles | 14 on this page of 54 — 20 participants |
Back to article view | Back to comp.sys.mac.system
Is there a Flashback protection/fix for Mac OS X 10.5.8's vulnerable Java? ANTant@zimage.com (Ant) - 2012-04-04 19:03 -0500
Re: Is there a Flashback protection/fix for Mac OS X 10.5.8's vulnerable Java? Michael Vilain <vilain@NOspamcop.net> - 2012-04-04 19:54 -0700
Re: Is there a Flashback protection/fix for Mac OS X 10.5.8's vulnerable Java? nospam <nospam@nospam.invalid> - 2012-04-05 00:06 -0400
Re: Is there a Flashback protection/fix for Mac OS X 10.5.8's vulnerable Java? Michael Vilain <vilain@NOspamcop.net> - 2012-04-05 00:24 -0700
Re: Is there a Flashback protection/fix for Mac OS X 10.5.8's vulnerable Java? nospam <nospam@nospam.invalid> - 2012-04-05 16:10 -0400
Re: Is there a Flashback protection/fix for Mac OS X 10.5.8's vulnerable Java? Michael Vilain <vilain@NOspamcop.net> - 2012-04-05 13:33 -0700
Re: Is there a Flashback protection/fix for Mac OS X 10.5.8's vulnerable Java? Michael Vilain <vilain@NOspamcop.net> - 2012-04-05 13:51 -0700
Re: Is there a Flashback protection/fix for Mac OS X 10.5.8's vulnerable Java? *Hemidactylus* <ecphoric@hotmail.com> - 2012-04-05 19:16 -0400
Re: Is there a Flashback protection/fix for Mac OS X 10.5.8's vulnerable Java? dempson@actrix.gen.nz (David Empson) - 2012-04-06 14:48 +1200
Re: Is there a Flashback protection/fix for Mac OS X 10.5.8's vulnerable Java? *Hemidactylus* <ecphoric@hotmail.com> - 2012-04-05 23:21 -0400
Re: Is there a Flashback protection/fix for Mac OS X 10.5.8's vulnerable Java? dempson@actrix.gen.nz (David Empson) - 2012-04-06 18:19 +1200
Re: Is there a Flashback protection/fix for Mac OS X 10.5.8's vulnerable Java? Paul Sture <paul@sture.ch> - 2012-04-06 14:09 +0200
Re: Is there a Flashback protection/fix for Mac OS X 10.5.8's vulnerable Java? Howard.not@home.com (Howard) - 2012-04-09 18:17 +0100
Re: Is there a Flashback protection/fix for Mac OS X 10.5.8's vulnerable Java? PhillipJones <pjones1@kimbanet.com> - 2012-04-09 14:20 -0400
Re: Is there a Flashback protection/fix for Mac OS X 10.5.8's vulnerable Java? Howard.not@home.com (Howard) - 2012-04-10 17:46 +0100
Re: Is there a Flashback protection/fix for Mac OS X 10.5.8's vulnerable Java? Paul Sture <paul@sture.ch> - 2012-04-11 10:18 +0200
Re: Is there a Flashback protection/fix for Mac OS X 10.5.8's vulnerable Java? John McWilliams <jpmcw@comcast.net> - 2012-04-11 15:13 -0700
Re: Is there a Flashback protection/fix for Mac OS X 10.5.8's vulnerable Java? Paul Sture <paul@sture.ch> - 2012-04-06 14:01 +0200
Re: Is there a Flashback protection/fix for Mac OS X 10.5.8's vulnerable Java? dempson@actrix.gen.nz (David Empson) - 2012-04-07 01:46 +1200
Re: Is there a Flashback protection/fix for Mac OS X 10.5.8's vulnerable Java? Fred Moore <fmoore@gcfn.org> - 2012-04-06 12:15 -0400
Re: Is there a Flashback protection/fix for Mac OS X 10.5.8's vulnerable Java? Paul Sture <paul@sture.ch> - 2012-04-09 09:11 +0200
Re: Is there a Flashback protection/fix for Mac OS X 10.5.8's vulnerable Java? Fred Moore <fmoore@gcfn.org> - 2012-04-09 11:42 -0400
Re: Is there a Flashback protection/fix for Mac OS X 10.5.8's vulnerable Java? Paul Sture <paul@sture.ch> - 2012-04-06 13:51 +0200
Re: Is there a Flashback protection/fix for Mac OS X 10.5.8's vulnerable Java? Ant <ant@zimage.comANT> - 2012-04-06 09:28 -0700
Re: Is there a Flashback protection/fix for Mac OS X 10.5.8's vulnerable Java? Paul Sture <paul@sture.ch> - 2012-04-06 21:51 +0200
Re: Is there a Flashback protection/fix for Mac OS X 10.5.8's vulnerable Java? Ant <ant@zimage.comANT> - 2012-04-06 16:43 -0700
Re: Is there a Flashback protection/fix for Mac OS X 10.5.8's vulnerable Java? Wes Groleau <Groleau+news@FreeShell.org> - 2012-04-05 21:27 -0400
Re: Is there a Flashback protection/fix for Mac OS X 10.5.8's vulnerable Java? Paul Sture <paul@sture.ch> - 2012-04-06 14:19 +0200
Re: Is there a Flashback protection/fix for Mac OS X 10.5.8's vulnerable Java? Ant <ant@zimage.comANT> - 2012-04-06 09:29 -0700
Re: Is there a Flashback protection/fix for Mac OS X 10.5.8's vulnerable Java? Michael Vilain <vilain@NOspamcop.net> - 2012-04-06 12:22 -0700
Re: Is there a Flashback protection/fix for Mac OS X 10.5.8's vulnerable Java? nospam <nospam@nospam.invalid> - 2012-04-06 17:40 -0400
Re: Is there a Flashback protection/fix for Mac OS X 10.5.8's vulnerable Java? Fred Moore <fmoore@gcfn.org> - 2012-04-06 12:11 -0400
Re: Is there a Flashback protection/fix for Mac OS X 10.5.8's vulnerable Java? Paul Sture <paul@sture.ch> - 2012-04-05 10:01 +0200
Re: Is there a Flashback protection/fix for Mac OS X 10.5.8's vulnerable Java? Ant <ant@zimage.comANT> - 2012-04-05 01:55 -0700
Re: Is there a Flashback protection/fix for Mac OS X 10.5.8's vulnerable Java? Paul Sture <paul@sture.ch> - 2012-04-05 11:40 +0200
Re: Is there a Flashback protection/fix for Mac OS X 10.5.8's vulnerable Java? Ant <ant@zimage.comANT> - 2012-04-06 09:30 -0700
Re: Is there a Flashback protection/fix for Mac OS X 10.5.8's vulnerable Java? Dave Allen <kneeljung@gmail.com> - 2012-04-06 19:03 -0500
Re: Is there a Flashback protection/fix for Mac OS X 10.5.8's vulnerable Java? dempson@actrix.gen.nz (David Empson) - 2012-04-07 12:48 +1200
Re: Is there a Flashback protection/fix for Mac OS X 10.5.8's vulnerable Java? Dave Allen <kneeljung@gmail.com> - 2012-04-07 13:56 -0500
Re: Is there a Flashback protection/fix for Mac OS X 10.5.8's vulnerable Java? Ant <ant@zimage.comANT> - 2012-04-07 09:53 -0700
Re: Is there a Flashback protection/fix for Mac OS X 10.5.8's vulnerable Java? SY <205sk@accessforall.invalid> - 2012-04-07 19:01 +0200
Re: Is there a Flashback protection/fix for Mac OS X 10.5.8's vulnerable Java? Alan Browne <alan.browne@FreelunchVideotron.ca> - 2012-04-07 14:10 -0400
Re: Is there a Flashback protection/fix for Mac OS X 10.5.8's vulnerable Java? Ant <ant@zimage.comANT> - 2012-04-21 13:18 -0700
Re: Is there a Flashback protection/fix for Mac OS X 10.5.8's vulnerable Java? Warren Oates <warren.oates@gmail.com> - 2012-04-05 08:20 -0400
Re: Is there a Flashback protection/fix for Mac OS X 10.5.8's vulnerable Java? George Kerby <ghost_topper@hotmail.com> - 2012-04-05 08:38 -0500
Re: Is there a Flashback protection/fix for Mac OS X 10.5.8's vulnerable Java? Jolly Roger <jollyroger@pobox.com> - 2012-04-05 15:51 -0700
Re: Is there a Flashback protection/fix for Mac OS X 10.5.8's vulnerable Java? George Kerby <ghost_topper@hotmail.com> - 2012-04-05 18:49 -0500
Re: Is there a Flashback protection/fix for Mac OS X 10.5.8's vulnerable Java? Jolly Roger <jollyroger@pobox.com> - 2012-04-05 16:54 -0700
Re: Is there a Flashback protection/fix for Mac OS X 10.5.8's vulnerable Java? Paul Sture <paul@sture.ch> - 2012-04-08 13:38 +0200
Re: Is there a Flashback protection/fix for Mac OS X 10.5.8's vulnerable Java? J.J. O'Shea <try.not.to@but.see.sig> - 2012-04-09 14:03 -0400
Re: Is there a Flashback protection/fix for Mac OS X 10.5.8's vulnerable Java? *Hemidactylus* <ecphoric@hotmail.com> - 2012-04-05 19:10 -0400
Re: Is there a Flashback protection/fix for Mac OS X 10.5.8's vulnerable Java? J.J. O'Shea <try.not.to@but.see.sig> - 2012-04-09 14:00 -0400
Re: Is there a Flashback protection/fix for Mac OS X 10.5.8's vulnerable Java? Paul Sture <paul@sture.ch> - 2012-04-11 10:37 +0200
Re: Is there a Flashback protection/fix for Mac OS X 10.5.8's vulnerable Java? HelpfulHarry@BusyWorking.com (Helpful Harry) - 2012-04-12 09:13 +1200
Page 3 of 3 — ← Prev page 1 2 [3]
| From | SY <205sk@accessforall.invalid> |
|---|---|
| Date | 2012-04-07 19:01 +0200 |
| Message-ID | <4f8072dc$0$20411$e4fe514c@dreader37.news.xs4all.nl> |
| In reply to | #23418 |
In article <a8udnVrXcJVo7R3SnZ2dnUVZ_t6dnZ2d@earthlink.com>, Ant <ant@zimage.comANT> wrote: > On 4/6/2012 5:03 PM PT, Dave Allen typed: > > >>> Thanks, I forgot to mention disabling Java. I have disabled it in my > >>> browsers as well. > >> > >> Don't forget to disable it through Utilities' Java Preference! > > > > Okay, I've opened Java Preferences from Utilities,but I have no idea > > what i need to do with it to disable Java. Do I simply uncheck all of > > the boxes under the General tab? [Mac OS 10.5.8] > > That is what I did in there beside disabling Java in web browsers. Then, > you can go to http://javatester.org/, http://java.com, or any trusted > web site with Java applets to see if Java is disabled. Or try: http://browserspy.dk/java.php SK.
[toc] | [prev] | [next] | [standalone]
| From | Alan Browne <alan.browne@FreelunchVideotron.ca> |
|---|---|
| Date | 2012-04-07 14:10 -0400 |
| Message-ID | <rp-dnYNCnreaHh3SnZ2dnUVZ_gqdnZ2d@giganews.com> |
| In reply to | #23420 |
On 2012-04-07 13:01 , SY wrote:
> In article<a8udnVrXcJVo7R3SnZ2dnUVZ_t6dnZ2d@earthlink.com>,
> Ant<ant@zimage.comANT> wrote:
>
>> On 4/6/2012 5:03 PM PT, Dave Allen typed:
>>
>>>>> Thanks, I forgot to mention disabling Java. I have disabled it in my
>>>>> browsers as well.
>>>>
>>>> Don't forget to disable it through Utilities' Java Preference!
>>>
>>> Okay, I've opened Java Preferences from Utilities,but I have no idea
>>> what i need to do with it to disable Java. Do I simply uncheck all of
>>> the boxes under the General tab? [Mac OS 10.5.8]
>>
>> That is what I did in there beside disabling Java in web browsers. Then,
>> you can go to http://javatester.org/, http://java.com, or any trusted
>> web site with Java applets to see if Java is disabled.
>
> Or try: http://browserspy.dk/java.php
> SK.
Or don't. The one's that Ant supplied are fine.
--
"I was gratified to be able to answer promptly, and I did.
I said I didn't know."
-Samuel Clemens.
[toc] | [prev] | [next] | [standalone]
| From | Ant <ant@zimage.comANT> |
|---|---|
| Date | 2012-04-21 13:18 -0700 |
| Message-ID | <S9edncoi8Zaciw7SnZ2dnUVZ_jmdnZ2d@earthlink.com> |
| In reply to | #23394 |
On 4/7/2012 9:53 AM PT, Ant typed:
>>>> Thanks, I forgot to mention disabling Java. I have disabled it in my
>>>> browsers as well.
>>>
>>> Don't forget to disable it through Utilities' Java Preference!
>>
>> Okay, I've opened Java Preferences from Utilities,but I have no idea
>> what i need to do with it to disable Java. Do I simply uncheck all of
>> the boxes under the General tab? [Mac OS 10.5.8]
>
> That is what I did in there beside disabling Java in web browsers. Then,
> you can go to http://javatester.org/, http://java.com, or any trusted
> web site with Java applets to see if Java is disabled.
I don't know if this is a glitch on this old specific MacBook Pro (15";
2008) or an actual bug on all Mac OS X 10.5.8 machines. Disabling Java
plugins in Mac OS X 10.5.8's Utilities' Java Preferences will remove ALL
installed plug-ins in Safari. Why? I DON'T KNOW! [gets slimed] It would
be nice if someone else, with this OS version, to try it and see if it
happens there.
For now, I will have Java disabled on both Firefox and Safari web browsers.
--
"At length, when they came to a (lowly) valley of ants, one of the ants
said: 'O ye ants, get into your habitations, lest Solomon and his hosts
crush you (under foot) without knowing it.'" --Surah 27. The Ant, The
Ants, line 18
/\___/\ Ant(Dude) @ http://antfarm.ma.cx (Personal Web Site)
/ /\ /\ \ Ant's Quality Foraged Links: http://aqfl.net
| |o o| |
\ _ / If crediting, then use Ant nickname and AQFL URL/link.
( ) If e-mailing, then axe ANT from its address if needed.
Ant is currently not listening to any songs on this computer.
[toc] | [prev] | [next] | [standalone]
| From | Warren Oates <warren.oates@gmail.com> |
|---|---|
| Date | 2012-04-05 08:20 -0400 |
| Message-ID | <4f7d8e2d$0$11826$c3e8da3$12bcf670@news.astraweb.com> |
| In reply to | #23324 |
In article <m30059-u5g.ln1@news.sture.ch>, Paul Sture <paul@sture.ch> wrote: > To summarize, if both these Terminal commands give the "does not exist" > error, you don't have this particular nasty (at least in its current > form): > > defaults read /Applications/Safari.app/Contents/Info LSEnvironment > defaults read ~/.MacOSX/environment DYLD_INSERT_LIBRARIES Thanks Paul -- that's valuable info. -- ... do not cover a warm kettle or your stock may sour. -- Julia Child
[toc] | [prev] | [next] | [standalone]
| From | George Kerby <ghost_topper@hotmail.com> |
|---|---|
| Date | 2012-04-05 08:38 -0500 |
| Message-ID | <CBA30A70.84DDD%ghost_topper@hotmail.com> |
| In reply to | #23324 |
On 4/5/12 3:01 AM, in article m30059-u5g.ln1@news.sture.ch, "Paul Sture" <paul@sture.ch> wrote: > On Wed, 04 Apr 2012 19:03:30 -0500, Ant wrote: > >> Hello. >> >> I read the recent Flashback trojan with Apple's Java. I have a client >> who is still running Mac OS X 10.5.8 and noticed Apple released an >> updated Java for Mac OS X 10.6. I assume there is none for unsupported >> 10.5.8. Is there a way to remove its Java or protect it without >> upgrading the OS? >> > > There are some manual removal instructions here: > > <http://www.f-secure.com/v-descs/trojan-downloader_osx_flashback_i.shtml> > > To summarize, if both these Terminal commands give the "does not exist" > error, you don't have this particular nasty (at least in its current > form): > Gizmodo confirms that: <http://gizmodo.com/5899352/mac-flashback-trojan-find-out-if-youre-one-of-th e-600000-infected>
[toc] | [prev] | [next] | [standalone]
| From | Jolly Roger <jollyroger@pobox.com> |
|---|---|
| Date | 2012-04-05 15:51 -0700 |
| Message-ID | <jollyroger-B019D8.15510505042012@news.individual.net> |
| In reply to | #23331 |
In article <CBA30A70.84DDD%ghost_topper@hotmail.com>, George Kerby <ghost_topper@hotmail.com> wrote: > On 4/5/12 3:01 AM, in article m30059-u5g.ln1@news.sture.ch, "Paul Sture" > <paul@sture.ch> wrote: > > > To summarize, if both these Terminal commands give the "does not exist" > > error, you don't have this particular nasty (at least in its current > > form): > > Gizmodo confirms that: > > <http://gizmodo.com/5899352/mac-flashback-trojan-find-out-if-youre-one-of-th > e-600000-infected> I stopped reading Gizmodo after he held the iPhone prototype hostage and then blamed Apple for wanting it back. ; ) -- Send responses to the relevant news group rather than email to me. E-mail sent to this address may be devoured by my very hungry SPAM filter. Due to Google's refusal to prevent spammers from posting messages through their servers, I often ignore posts from Google Groups. Use a real news client if you want me to see your posts. JR
[toc] | [prev] | [next] | [standalone]
| From | George Kerby <ghost_topper@hotmail.com> |
|---|---|
| Date | 2012-04-05 18:49 -0500 |
| Message-ID | <CBA399C4.84E35%ghost_topper@hotmail.com> |
| In reply to | #23340 |
On 4/5/12 5:51 PM, in article jollyroger-B019D8.15510505042012@news.individual.net, "Jolly Roger" <jollyroger@pobox.com> wrote: > In article <CBA30A70.84DDD%ghost_topper@hotmail.com>, > George Kerby <ghost_topper@hotmail.com> wrote: > >> On 4/5/12 3:01 AM, in article m30059-u5g.ln1@news.sture.ch, "Paul Sture" >> <paul@sture.ch> wrote: >> >>> To summarize, if both these Terminal commands give the "does not exist" >>> error, you don't have this particular nasty (at least in its current >>> form): >> >> Gizmodo confirms that: >> >> <http://gizmodo.com/5899352/mac-flashback-trojan-find-out-if-youre-one-of-th >> e-600000-infected> > > I stopped reading Gizmodo after he held the iPhone prototype hostage and > then blamed Apple for wanting it back. ; ) So THAT was the guy?!? DAMN!
[toc] | [prev] | [next] | [standalone]
| From | Jolly Roger <jollyroger@pobox.com> |
|---|---|
| Date | 2012-04-05 16:54 -0700 |
| Message-ID | <jollyroger-DA7296.16540305042012@news.individual.net> |
| In reply to | #23350 |
In article <CBA399C4.84E35%ghost_topper@hotmail.com>, George Kerby <ghost_topper@hotmail.com> wrote: > On 4/5/12 5:51 PM, in article > jollyroger-B019D8.15510505042012@news.individual.net, "Jolly Roger" > <jollyroger@pobox.com> wrote: > > > In article <CBA30A70.84DDD%ghost_topper@hotmail.com>, > > George Kerby <ghost_topper@hotmail.com> wrote: > > > >> On 4/5/12 3:01 AM, in article m30059-u5g.ln1@news.sture.ch, "Paul Sture" > >> <paul@sture.ch> wrote: > >> > >>> To summarize, if both these Terminal commands give the "does not exist" > >>> error, you don't have this particular nasty (at least in its current > >>> form): > >> > >> Gizmodo confirms that: > >> > >> <http://gizmodo.com/5899352/mac-flashback-trojan-find-out-if-youre-one-of-t > >> h > >> e-600000-infected> > > > > I stopped reading Gizmodo after he held the iPhone prototype hostage and > > then blamed Apple for wanting it back. ; ) > > So THAT was the guy?!? > > DAMN! Yup. I read http://www.engadget.com/. Same content, minus the mindless Apple hate. -- Send responses to the relevant news group rather than email to me. E-mail sent to this address may be devoured by my very hungry SPAM filter. Due to Google's refusal to prevent spammers from posting messages through their servers, I often ignore posts from Google Groups. Use a real news client if you want me to see your posts. JR
[toc] | [prev] | [next] | [standalone]
| From | Paul Sture <paul@sture.ch> |
|---|---|
| Date | 2012-04-08 13:38 +0200 |
| Message-ID | <3v9859-fm1.ln1@news.sture.ch> |
| In reply to | #23331 |
On Thu, 05 Apr 2012 08:38:08 -0500, George Kerby wrote: > On 4/5/12 3:01 AM, in article m30059-u5g.ln1@news.sture.ch, "Paul Sture" > <paul@sture.ch> wrote: > >> On Wed, 04 Apr 2012 19:03:30 -0500, Ant wrote: >> >>> Hello. >>> >>> I read the recent Flashback trojan with Apple's Java. I have a client >>> who is still running Mac OS X 10.5.8 and noticed Apple released an >>> updated Java for Mac OS X 10.6. I assume there is none for unsupported >>> 10.5.8. Is there a way to remove its Java or protect it without >>> upgrading the OS? >>> >>> >> There are some manual removal instructions here: >> >> <http://www.f-secure.com/v-descs/trojan- downloader_osx_flashback_i.shtml> >> >> To summarize, if both these Terminal commands give the "does not exist" >> error, you don't have this particular nasty (at least in its current >> form): >> >> > Gizmodo confirms that: > > <http://gizmodo.com/5899352/mac-flashback-trojan-find-out-if-youre-one- of-th > e-600000-infected> Him yes. They blindly copied the fix from the F-Secure site, where points 2. and 3. are the wrong way round. Don't any of these folks actually test what they regurgitate? -- Paul Sture
[toc] | [prev] | [next] | [standalone]
| From | J.J. O'Shea <try.not.to@but.see.sig> |
|---|---|
| Date | 2012-04-09 14:03 -0400 |
| Message-ID | <jlv8991hv2@news3.newsguy.com> |
| In reply to | #23474 |
On Sun, 8 Apr 2012 07:38:43 -0400, Paul Sture wrote (in article <3v9859-fm1.ln1@news.sture.ch>): > On Thu, 05 Apr 2012 08:38:08 -0500, George Kerby wrote: > >> On 4/5/12 3:01 AM, in article m30059-u5g.ln1@news.sture.ch, "Paul Sture" >> <paul@sture.ch> wrote: >> >>> On Wed, 04 Apr 2012 19:03:30 -0500, Ant wrote: >>> >>>> Hello. >>>> >>>> I read the recent Flashback trojan with Apple's Java. I have a client >>>> who is still running Mac OS X 10.5.8 and noticed Apple released an >>>> updated Java for Mac OS X 10.6. I assume there is none for unsupported >>>> 10.5.8. Is there a way to remove its Java or protect it without >>>> upgrading the OS? >>>> >>>> >>> There are some manual removal instructions here: >>> >>> <http://www.f-secure.com/v-descs/trojan- > downloader_osx_flashback_i.shtml> >>> >>> To summarize, if both these Terminal commands give the "does not exist" >>> error, you don't have this particular nasty (at least in its current >>> form): >>> >>> >> Gizmodo confirms that: >> >> <http://gizmodo.com/5899352/mac-flashback-trojan-find-out-if-youre-one- > of-th >> e-600000-infected> > > Him yes. They blindly copied the fix from the F-Secure site, where > points 2. and 3. are the wrong way round. > > Don't any of these folks actually test what they regurgitate? Nope. They don't even check to see if there's an actual, real, threat. There doesn't seem to be one. -- email to oshea dot j dot j at gmail dot com.
[toc] | [prev] | [next] | [standalone]
| From | *Hemidactylus* <ecphoric@hotmail.com> |
|---|---|
| Date | 2012-04-05 19:10 -0400 |
| Message-ID | <y_mdnVzvDdHvu-PSnZ2dnUVZ_gydnZ2d@giganews.com> |
| In reply to | #23324 |
On 04/05/2012 04:01 AM, Paul Sture wrote: > On Wed, 04 Apr 2012 19:03:30 -0500, Ant wrote: > >> Hello. >> >> I read the recent Flashback trojan with Apple's Java. I have a client >> who is still running Mac OS X 10.5.8 and noticed Apple released an >> updated Java for Mac OS X 10.6. I assume there is none for unsupported >> 10.5.8. Is there a way to remove its Java or protect it without >> upgrading the OS? >> > > There are some manual removal instructions here: > > <http://www.f-secure.com/v-descs/trojan-downloader_osx_flashback_i.shtml> > > To summarize, if both these Terminal commands give the "does not exist" > error, you don't have this particular nasty (at least in its current > form): > > defaults read /Applications/Safari.app/Contents/Info LSEnvironment > defaults read ~/.MacOSX/environment DYLD_INSERT_LIBRARIES > > Sample output: > > pbook:~paul$ defaults read /Applications/Safari.app/Contents/Info > LSEnvironment > 2012-04-05 09:57:39.890 defaults[16703:10b] > The domain/default pair of (/Applications/Safari.app/Contents/Info, > LSEnvironment) does not exist > > pbook:~paul$ defaults read ~/.MacOSX/environment DYLD_INSERT_LIBRARIES > 2012-04-05 09:59:10.954 defaults[16710:10b] > The domain/default pair of (/Users/paul/.MacOSX/environment, > DYLD_INSERT_LIBRARIES) does not exist > > For fun I ran both commands in my terminal and came up clean. But I have Lion. -- *Hemidactylus*
[toc] | [prev] | [next] | [standalone]
| From | J.J. O'Shea <try.not.to@but.see.sig> |
|---|---|
| Date | 2012-04-09 14:00 -0400 |
| Message-ID | <jlv84j0hv2@news3.newsguy.com> |
| In reply to | #23317 |
On Wed, 4 Apr 2012 20:03:30 -0400, Ant wrote (in article <Xaqdnd_fvMXPfOHSnZ2dnUVZ_s6dnZ2d@earthlink.com>): > Hello. > > I read the recent Flashback trojan with Apple's Java. I have a client > who is still running Mac OS X 10.5.8 and noticed Apple released an > updated Java for Mac OS X 10.6. I assume there is none for unsupported > 10.5.8. Is there a way to remove its Java or protect it without > upgrading the OS? > > Thank you in advance. :) > It seems that the entire Flashback thing is much ado about nothing. See <http://www.symantec.com/security_response/writeup.jsp?docid=2011-093016-1216- 99>. If an AV vendor, who by definition has a reason to shout and carry on about a 'threat', makes a big deal out of something I usually regard their announcements with some suspicion. If, however, an AV vendor, who by definition has a reason to shout and carry on about a 'threat', declare that a 'threat' is, and I quote, of a 'very low risk level', and that they have detected '0-49' cases from '0-2' sites in the time starting 30 Sept 2011 (the day they first detected the 'threat') and ending 6 April 2012 (the day that the 'threat' assessment was last updated, well, I believe 'em. Symantec doesn't think that this is a real threat. Why should you? An AV vendor, looking to find something to trumpet so as to get people to buy their product, could only find less than 50 infections at one or two sites in _six months of looking_. Either they didn't look very hard or there's nothing to find. -- email to oshea dot j dot j at gmail dot com.
[toc] | [prev] | [next] | [standalone]
| From | Paul Sture <paul@sture.ch> |
|---|---|
| Date | 2012-04-11 10:37 +0200 |
| Message-ID | <hfsf59-82h.ln1@news.sture.ch> |
| In reply to | #23556 |
On Mon, 09 Apr 2012 14:00:51 -0400, J.J. O'Shea wrote: > On Wed, 4 Apr 2012 20:03:30 -0400, Ant wrote (in article > <Xaqdnd_fvMXPfOHSnZ2dnUVZ_s6dnZ2d@earthlink.com>): > >> Hello. >> >> I read the recent Flashback trojan with Apple's Java. I have a client >> who is still running Mac OS X 10.5.8 and noticed Apple released an >> updated Java for Mac OS X 10.6. I assume there is none for unsupported >> 10.5.8. Is there a way to remove its Java or protect it without >> upgrading the OS? >> >> Thank you in advance. :) >> >> > It seems that the entire Flashback thing is much ado about nothing. See > <http://www.symantec.com/security_response/writeup.jsp? docid=2011-093016-1216- > 99>. If an AV vendor, who by definition has a reason to shout and carry > on about a 'threat', makes a big deal out of something I usually regard > their announcements with some suspicion. If, however, an AV vendor, who > by definition has a reason to shout and carry on about a 'threat', > declare that a 'threat' is, and I quote, of a 'very low risk level', and > that they have detected '0-49' cases from '0-2' sites in the time > starting 30 Sept 2011 (the day they first detected the 'threat') and > ending 6 April 2012 (the day that the 'threat' assessment was last > updated, well, I believe 'em. Symantec doesn't think that this is a real > threat. Why should you? An AV vendor, looking to find something to > trumpet so as to get people to buy their product, could only find less > than 50 infections at one or two sites in _six months of looking_. > Either they didn't look very hard or there's nothing to find. Noted. "Apple to release Flashback removal software, working to take down botnet" - Ars Technica <http://bit.ly/ING3QM> -- Paul Sture
[toc] | [prev] | [next] | [standalone]
| From | HelpfulHarry@BusyWorking.com (Helpful Harry) |
|---|---|
| Date | 2012-04-12 09:13 +1200 |
| Message-ID | <HelpfulHarry-1204120913340001@203-118-187-219.dsl.dyn.ihug.co.nz> |
| In reply to | #23625 |
On Mon, 09 Apr 2012 14:00:51 -0400, J.J. O'Shea wrote: > > It seems that the entire Flashback thing is much ado about nothing. See > <http://www.symantec.com/security_response/writeup.jsp? docid=2011-093016-1216- > 99>. If an AV vendor, who by definition has a reason to shout and carry > on about a 'threat', makes a big deal out of something I usually regard > their announcements with some suspicion. If, however, an AV vendor, who > by definition has a reason to shout and carry on about a 'threat', > declare that a 'threat' is, and I quote, of a 'very low risk level', and > that they have detected '0-49' cases from '0-2' sites in the time > starting 30 Sept 2011 (the day they first detected the 'threat') and > ending 6 April 2012 (the day that the 'threat' assessment was last > updated, well, I believe 'em. Symantec doesn't think that this is a real > threat. Why should you? An AV vendor, looking to find something to > trumpet so as to get people to buy their product, could only find less > than 50 infections at one or two sites in _six months of looking_. > Either they didn't look very hard or there's nothing to find. Yep, that pretty much covers it. For those two people who do manage to find this "malware" on their computer (from visiting too many porn and pirate websites), there's now a couple of FREE applications to remove it <http://www.macrumors.com/2012/04/11/antivirus-firms-release-free-tools-for-cleaning-macs-infected-by-flashback/> Kaspersky Lab's version is web-based, and it wouldn't surprise me if that insists on having Java turned on before it can "remove" the "malware". Helpful Harry :o)
[toc] | [prev] | [standalone]
Page 3 of 3 — ← Prev page 1 2 [3]
Back to top | Article view | comp.sys.mac.system
csiph-web