OFFICIAL SECURITY BLOG

We’ve moved! You can now read the latest and greatest on Mac adware and malware at Malwarebytes.

Problem with Yosemite Recovery Update 1.0

Posted on April 11th, 2015 at 9:50 AM EDT

If you’re a reader of this blog, there’s a higher-than-usual chance that you are one of those security-minded folks with both FileVault disk encryption and a firmware password enabled. If so, you may have a problem after installing Yosemite Recovery Update 1.0. When I installed it (along with 10.10.3), I ended up with the dreaded “flashing folder with a question mark” icon when the machine restarted halfway through the install.
Read the rest of this entry »

16 Comments

Major Java update brings 40 bug fixes

Posted on June 18th, 2013 at 8:43 PM EDT

This still doesn’t change my opinion that Java needs to be avoided. These fixes came after almost two months of vulnerability, and Java has had a recent history of becoming vulnerable again within days of each fix. We’ll see how things fall out at this point, but I don’t have high hopes. If you have to use Java in your web browser, though, you should not delay installing this update. Be cautious, though, as some Java applets may not function well (or at all) with the update, so check compatibility beforehand. Of course, that may leave you in the unenviable position of having to choose between staying vulnerable and losing access to the applet that you need Java for in the first place.

2 Comments

Important security updates

Posted on March 15th, 2013 at 10:02 AM EDT

Apple posted a couple updates yesterday with some very important security content, and I advise updating as soon as you can. Both Mac OS X 10.8.3 and Security Update 2013-001, available for both Snow Leopard and Lion, contain a number of important security updates. However, one in particular is likely to cause the hair to stand up on the back of the neck of anyone who has been following the saga of Java’s recent descent into vulnerability perdition.
Read the rest of this entry »

25 Comments