Apple released a second security update on Friday in its continuing battle against the Flashback trojan, which already has infected nearly 650,000 Macs worldwide.
Check your Software Update right now and stay up to date and safe.
Posts tagged #Mac
Mac OSX Java Malware: OSX/Flashfake.c
This Trojan is installed via exploitation of a flaw in Oracle Java (CVE-2012-0507). The Mac OS X - based malware masquerades as an Adobe Flash Player install.
Upon infection the malware will install fake/rogue security software, and allow for the downloading of additional malicious components, sensitive data extrusion, and other malicious control methods.
Infected hosts report back to an external server and can receive further instructions/payloads via that method (C&C / bot-based control). CVE-2012-0507 is an Oracle Java vulnerability, which was patched by Apple (as a 34rd party component) in April 2012.
Therefore....make sure your OSX software is up to date
Chrome for Mac Update
Google have just updated Chrome for Mac.
On your Mac go to the Chrome menu bar, Chrome; About Chrome, Update Now
Microsoft Word Document Malware
|
Updating Word for Mac to the latests version protects you against this: Exploit-OLE2.gen MTIS12-053-A |
|||||||||||||||
|
|||||||||||||||
Apple Safari Vulnerability
A vulnerability affecting Apple Safari has just been discovered.
By tricking the user into opening a malicious web page, an attacker may be able to execute arbitrary code. Exploit code for this vulnerability is publicly available.
The only fix available as of now, until Apple offers a patch, is to disable Javascript under 'Preferences', 'Security'
The other option is to use Firefox 3.6 with the NoScript add-on, or Google Chrome. It is likely that Google Chrome is not affected by this vulnerability.