
Apple Issues ‘Cool’ Fix For Flashback

Apple has released yet another update to counter the Flashback Trojan, but has done something rather innovative this time around.

Rather than issuing a fix for any vulnerabilities, Apple has released a new version of Java for Mac OS X 10.7 and 10.6 that erases known variants of Flashback, whilst automatically disabling Java when it has not been in use for the last 35 days. If users want to enable Java again, they will have to go into Preferences and make the necessary alterations.

“This update also configures the Java web plug-in to disable the automatic execution of Java applets. Users may re-enable automatic execution of Java applets using the Java Preferences application,” Apple said in its advisory. “If the Java web plug-in detects that no applets have been run for an extended period of time it will again disable Java applets.”
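The mechanism Apple describes is an inactivity-based kill switch: the plug-in tracks when an applet last ran, disables itself once the idle period passes, and is re-disabled if the user turns it back on but still does not use it. The following model is an added illustration of that policy for this article; it is not Apple's code, and the 35-day limit is the only value taken from the text, while the class, method names and timestamps are constructed assumptions.

```python
"""Model of an inactivity-based auto-disable policy for a browser plug-in.

Added illustration of the behaviour described in the article (the Java
web plug-in disabling applet execution after a long idle period). This is
not Apple's implementation; names, constants and timestamps are assumed.
"""
from datetime import datetime, timedelta

IDLE_LIMIT = timedelta(days=35)  # idle period quoted in the article


class AutoDisablingPlugin:
    """Tracks when a plug-in feature was last exercised and disables it
    once it has gone unused for IDLE_LIMIT. A user may re-enable it, but
    the idle clock restarts, so it is disabled again if it stays unused."""

    def __init__(self, now: datetime, enabled: bool = True):
        self.enabled = enabled
        # Installing the update starts the idle window (assumption).
        self.last_used = now

    def request_run(self, now: datetime) -> bool:
        """Called when content (an applet) asks to run. Returns whether it
        is allowed and records the use only if it actually ran."""
        self._expire(now)
        if not self.enabled:
            return False
        self.last_used = now
        return True

    def user_enable(self, now: datetime) -> None:
        """Explicit re-enable from the preferences UI resets the idle clock."""
        self.enabled = True
        self.last_used = now

    def is_enabled(self, now: datetime) -> bool:
        self._expire(now)
        return self.enabled

    def _expire(self, now: datetime) -> None:
        # Disable once the feature has been idle for the full limit.
        if self.enabled and now - self.last_used >= IDLE_LIMIT:
            self.enabled = False


def simulate() -> list:
    """Walk through the article's scenario with constructed timestamps."""
    t0 = datetime(2012, 4, 12)  # constructed install date
    plugin = AutoDisablingPlugin(t0)
    log = []
    # Day 1: an applet runs, so the idle clock restarts.
    log.append(("day1_run", plugin.request_run(t0 + timedelta(days=1))))
    # Day 36: 35 days since last use, so the plug-in is now disabled
    # and the applet is refused.
    log.append(("day36_run", plugin.request_run(t0 + timedelta(days=36))))
    # The user re-enables Java in preferences on day 40; day 41 works.
    plugin.user_enable(t0 + timedelta(days=40))
    log.append(("day41_run", plugin.request_run(t0 + timedelta(days=41))))
    # Nothing runs for another 35 days, so it is disabled again.
    log.append(("day76_enabled", plugin.is_enabled(t0 + timedelta(days=76))))
    return log


if __name__ == "__main__":
    for step, result in simulate():
        print(step, result)
```

The key design point is that a blocked request does not count as use: only an applet that actually executed resets the clock, otherwise a page that keeps probing for Java would hold the plug-in alive indefinitely.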

‘Exciting’ Apples

Apple has been criticised for its response over the Flashback malware, with Trend Micro’s Rik Ferguson saying it was “misguided to believe that the simple act of not talking about publicly disclosed, and worse actively exploited, vulnerabilities will protect your customer.” Yet CTO of Qualys, Wolfgang Kandek, has praised Apple’s latest move.

“This is exciting and to my knowledge nobody has done something like this before. It makes total sense to me. We have been telling users to disable or uninstall Java if they do not need it, but we know very well that only very security conscious users will do so,” Kandek said in a blog post.

“Given the task of monitoring Java use to the computer itself is a great idea and an excellent experiment in computer security. It will be interesting to see how user acceptance of such a measure will work out.”

Some still have reservations over Apple’s move. F-Secure’s chief research officer Mikko Hyppönen tweeted: “Apple’s Flashback fix is 66MB. Ours is 39kB. Just sayin’.”

Flashback bot numbers have been plummeting over the past few days. Symantec reported yesterday that the number of bots had been cut to 270,000 as of 11 April. Infections had peaked at around 650,000. Now that Apple has taken this fresh step, and security companies have set up various sinkhole operations against the botnet, the Flashback operation should be shut down soon.

Apple is working with ISPs to dismantle the botnet, but the company’s first steps created something of a snafu. The iPhone maker asked for one of security company Dr Web’s domains to be closed. The domain was being used by Dr Web as part of its sinkhole operation.


Thomas Brewster

Tom Brewster is TechWeek Europe's Security Correspondent. He has also been named BT Information Security Journalist of the Year in 2012 and 2013.


  • Innovation - or desperation - Why not simply disable the whole machine if not used for 35 days!

    This is a cop-out by Apple, I can easily go 35 days without running some programs (like iTunes!) but that doesn't mean I want it disabled (although in this example it does!).

    At the very minimum they should let the user choose to disable Java and then detect a call to use Java and let the user make a decision.
