Follow The Safe Mac on Twitter to stay advised of the latest Mac security news!
Posted on August 31st, 2012 at 5:31 PM EST
A mere 7 hours after the release of Oracle’s emergency update to Java, version 7 update 7, an independent security researcher has discovered yet another vulnerability that is still present in the latest version, according to a report from MacWorld. Although this vulnerability is not being exploited in the wild, and the discoverers are supplying the details only to Oracle, this does not mean that Java users are safe. What one person can discover so easily, another can discover as well. This is simply yet another sign that Java is simply should not be used anymore. If you haven’t disabled it in your web browser before now, you really should do so.
Posted on August 30th, 2012 at 9:25 PM EST
Oracle has released a security update for Java to eliminate the vulnerability being used to install malware. Java 7 has been updated, but interestingly, so has Java 6, which supposedly did not contain the same vulnerability. Apparently some form of the vulnerability actually was in Java 6, however, as the release notes indicate a fix for the same vulnerability. Users of Java 7 should download and install Java 7u7 from Oracle immediately. Users of Java 6 will have to wait for Apple to issue an update, which should be forthcoming very shortly if the last Java security update is any indication.
Posted on August 30th, 2012 at 1:48 PM EST
Intego announced yesterday that they have seen signs that Mac malware is now being dropped into vulnerable systems via the Java exploit discovered earlier this week. Although they have not yet actually seen this first hand, from the sounds of it, the malware being dropped is evidently a variant of the Tsunami hacker tool, the Mac version of which appeared in October of last year. Read the rest of this entry »
Posted on August 27th, 2012 at 8:50 PM EST
Intego announced today the discovery of a new Java vulnerability that is being actively exploited in the wild to install Windows malware. Unfortunately, all users of Java 7 are vulnerable, regardless of system, and there is currently no patch available to fix the vulnerability. Although there is no known Mac malware being installed via this exploit, that could change at any time. There could be Mac malware beginning to spread via this exploit, just as Flashback did, as you read this.
Posted on August 24th, 2012 at 1:34 PM EST
A new malware remote access kit named NetWeird has surfaced, though it is unclear whether it is actually “in the wild” yet or not. It has been written about by both Intego and Sophos, who have obtained it (from the sounds of things) from VirusTotal. Although it sounds like the current version isn’t much of a threat, it certainly could become more serious at any point. Read the rest of this entry »
Posted on August 23rd, 2012 at 7:15 AM EST
Adobe has released another Flash update, fixing more vulnerabilities. Although these vulnerabilities have not yet been exploited in the wild, to anyone’s knowledge, they could easily be at any time now. In addition, Apple has changed the minimum allowed version of Flash. Many Mac users will be seeing notices that their version of Flash is outdated and that the plug-in will be blocked until it is updated. Unfortunately, there are a number of reports that the self-updating features of Flash are not working properly. To update to the latest version of Flash, download and install it from Adobe’s site:
Posted on August 17th, 2012 at 7:56 AM EST
Adobe had issued an update to their Flash Player plugin in response to a vulnerability that is being exploited “in the wild” by malware. That malware, apparently, can install as a drive-by download, thanks to a Flash Player vulnerability, in Internet Explorer on Windows. Although that malware cannot affect a Mac in any way, Mac users should install the update as soon as possible, to protect against the possibility of a future attack. Remember, once a vulnerability is publicized, hackers know exactly where to strike to affect machines that have not been updated.
You can download the update from:
Posted on August 6th, 2012 at 4:33 PM EST
Many people using the latest versions of Mac OS X (10.7, aka Lion, and 10.8, aka Mountain Lion) have had problems getting Java applets to run. This is causing a great deal of confusion, and even some hard feelings, especially amongst those who have upgraded from older systems where Java worked just fine. Fortunately, the problem is easily fixed. However, before you fix it, you need to ask yourself an important question: “Should I fix it?”
Posted on August 1st, 2012 at 10:11 PM EST
Every now and then I get questions about how to schedule some kind of task that will happen periodically. For example, you may want to copy a file to or from a remote server at a particular time every day, load a particular web site periodically or gather some information and send it as a text to your cell phone every morning at 8 am. The possibilities are endless. There are a number of possible solutions to this problem, which have their advantages and disadvantages. In this article, we’ll explore several of them, but the main focus will be on the “geekiest” of those solutions: LaunchAgents! Read the rest of this entry »