It has been a couple of weeks since the first reports of the Flashback malware surfaced. Even after multiple patches and solutions, Symantec is still showing around 140,000 Macs infected with the malware. This is down from over 650,000 before the patches. In their post, Symantec shares that “one of the new features of the Trojan is that it can now retrieve updated [Command and Control] locations through Twitter posts by searching for specific hashtags generated by the OSX.Flashback.K hashtag algorithm."
The Java security updates having been building up this week for Apple. Yesterday, they released a malware removal tool for those Lion machines that did not have a full Java install. According to a few sites, including TUAW, even though the computer did not have Java installed, that Mac could still be infected with the Flashback trojan. Apple indicated in their support article that it “is recommended for all OSX Lion users without Java installed.” They also shared that for some, the tool “may need to restart your computer to completely remove the Flashback malware.”
As with other updates, you can either visit the Apple support site, article DL1517, or you can simply run Software Update from System Preferences. The update is small, around 356 KB, and quick to install.
There are have been many articles about the virus "Flashback" and its impact on the Mac, including one written by this me on Examiner.com: Is it time for anti-virus on your Mac?. The numbers reported may seem large. However, statistics can be misleading and an ounce of prevention may be a better solution than an anti-virus software package at this point.
Apple seems to have patched this vulnerability within the last day or so with a Java update for Lion and Snow Leopard. The “however” here is the flaw seems to have been known for some time and a Windows patch was delivered back in February. Apple did take more time to update their Java install. It is out and available now, so patch your system soon. If you have not run a System Update, you can do so by:Read more
Disclosure: At Story Institute and MousePad Travel, we receive compensation through iTunes, Amazon, HostMonster, and Google affiliate programs by linking to products. We are independently owned and share only our personal opinions.