OFFICIAL SECURITY BLOG

Did Java just fall down again?!

Posted on January 16th, 2013 at 3:39 PM EST

Brian Krebs has reported today that Java may have fallen victim to yet another vulnerability, which may have been sold to malware creators already. There is no confirmation of this story, but given Java’s past, it wouldn’t be at all surprising. Especially since other reports have indicated that Oracle’s fix for last week’s vulnerability only removed one method for exploiting an underlying vulnerability that still remains in place. I’ve said it before, and it continues to be true: Java is holier than Swiss cheese! If you are still running Java applets in your web browser, in spite of everything that has happened over the course of the last year, you should take this as yet another warning. Find a different way of achieving those tasks and turn off Java in your web browser ASAP!

Apple and Mozilla act fast to secure Java

Posted on January 12th, 2013 at 8:42 AM EST

Thursday saw the discovery of a new Java vulnerability (see New Java vulnerability discovered). Worse, the discovery of this vulnerability came at the same time as discovery that it was already being exploited actively to drop malware onto vulnerable Windows machines. Macs were undoubtedly soon to follow, since several prominent cross-platform “crime kits,” such as Blackhole, are known to have started using this vulnerability. Fortunately, less than 24 hours after this news broke, both Apple and Mozilla (creators of the Firefox web browser) had acted to protect users of their products against this threat.

New Java vulnerability discovered

Posted on January 10th, 2013 at 2:15 PM EST

Seems like it hasn’t been that long since we were talking about the last one of these, but the vicious cycle begins again. Brian Krebs has reported the discovery of a new vulnerability that affects even users of the latest version of Java (Java 7 Update 10). Once again, users are advised to disable Java in their web browsers.

Cross-platform malware Jacksbot found in the wild

Posted on November 1st, 2012 at 7:19 AM EDT

It has been fairly quiet in the Mac malware world lately, but there is one minor annoyance that has finally surfaced. A couple weeks ago, Intego announced discovery of a new cross-platform remote access tool, which they called Jacksbot. At the time, although they called it a trojan, they had never seen it in the wild, and had no idea how it would get installed on a user’s machine. According to a post on the Trend Micro website on Tuesday, however, it has now been found on a couple machines in the wild.

Apple releases another Java update

Posted on September 5th, 2012 at 10:09 PM EDT

Only a week after Oracle released Java 6 update 35, Apple has turned out their updates to Java 6 update 35 for Mac users. These updates should fix security vulnerabilities that were discovered in the previous version of Java 6, and should be installed by all users of Java 6. (Java 6 is the version installed when you try to run something that requires Java and are asked if you want it installed. Java 7 must be downloaded and installed manually from the Oracle website.)

The updates available are Java for OS X 2012-005, for Lion (Mac OS X 10.7) and Mountain Lion (OS X 10.8), and Java for Mac OS X 10.6 Update 10, for Snow Leopard (Mac OS X 10.6).

Java falls again

Posted on August 31st, 2012 at 5:31 PM EDT

A mere 7 hours after the release of Oracle’s emergency update to Java, version 7 update 7, an independent security researcher has discovered yet another vulnerability that is still present in the latest version, according to a report from MacWorld. Although this vulnerability is not being exploited in the wild, and the discoverers are supplying the details only to Oracle, this does not mean that Java users are safe. What one person can discover so easily, another can discover as well. This is yet another sign that Java simply should not be used anymore. If you haven’t disabled it in your web browser before now, you really should do so.

Oracle issues security update for Java

Posted on August 30th, 2012 at 9:25 PM EDT

Oracle has released a security update for Java to eliminate the vulnerability being used to install malware. Java 7 has been updated, but interestingly, so has Java 6, which supposedly did not contain the same vulnerability. Apparently some form of the vulnerability actually was in Java 6, however, as the release notes indicate a fix for the same vulnerability. Users of Java 7 should download and install Java 7u7 from Oracle immediately. Users of Java 6 will have to wait for Apple to issue an update, which should be forthcoming very shortly if the last Java security update is any indication.

Java vulnerability being used to drop Mac malware

Posted on August 30th, 2012 at 1:48 PM EDT

Intego announced yesterday that they have seen signs that Mac malware is now being dropped into vulnerable systems via the Java exploit discovered earlier this week. Although they have not yet actually seen this first hand, from the sounds of it, the malware being dropped is evidently a variant of the Tsunami hacker tool, the Mac version of which appeared in October of last year.

New unpatched Java vulnerability discovered!

Posted on August 27th, 2012 at 8:50 PM EDT

Intego announced today the discovery of a new Java vulnerability that is being actively exploited in the wild to install Windows malware. Unfortunately, all users of Java 7 are vulnerable, regardless of system, and there is currently no patch available to fix the vulnerability. Although there is no known Mac malware being installed via this exploit, that could change at any time. There could be Mac malware beginning to spread via this exploit, just as Flashback did, as you read this.



New Java update addresses more vulnerabilities

Posted on June 13th, 2012 at 9:22 PM EDT

Apple has released another Java update, patching a number of new vulnerabilities. Full details on the vulnerabilities can be found on Oracle’s web site. Although there are no malware exploits currently known to be using those vulnerabilities on a Mac, I still advise updating immediately. Keep in mind that when the vulnerabilities are patched, that essentially gives malware authors a road map for where to strike at unpatched machines, making you far more vulnerable than you were before. To update, simply run Software Update and install the Java update. Updates are only available for users of Snow Leopard (Mac OS X 10.6) and Lion (Mac OS X 10.7).
