[Security] Massive infection of Mac machines thanks to Java vulnerability

One of the main arguments that Mac-lovers used to claim was the fact that their machines were impervious to virus infections. Well that is not the case anymore.

Now they say Macs are almost immune to viruses, and thats a big “almost”. The reason why Macs didn’t get infected in the past was not because they had some kind of super anti-virus or because it isn’t possible to create Mac-specific viruses, it is simply because the computer market share of Apple was so insignificant, it didn’t make any sense to write viruses for Macs.

But now, with the rising popularity of Apple and its machines, it has also become increasingly popular to target Macs. It was the case last week, when a Flashback Trojan exploiting a Java vulnerability infected up to 550 thousand Macs according to some sources.

The malware was designed to install itself on unprotected Mac machines and establish a back door for the subsequent download of additional viruses. The users don’t even need to interact, a simple visit to a site loaded with the exploit code suffices for the malware to be downloaded.

On April 4th, a security update was released for OS X Java, thus plugging the security vulnerability.  But this happened 6 full weeks after Windows had released a patch targeting this particular vulnerability in Java.

Granted Windows is much more experienced in dealing with virus infections, vulnerabilities and malware, if Apple doesn’t want to permanently loose its reputation as a provider of virus-free hardware and software, it needs to seriously consider investing time and energy in dealing with this kind of issues.

If you are using Mac machines and suspect your hardware might have been infected, let us know asap so that we can diagnose the issue.

[Update] On April 13th, Apple has released a software patch that removes the Flashback Trojan, and just two days later a new threat has turned up, this time using infected Office documents as a vector.

This entry was posted in Other interesting stuff and tagged , , , , , . Bookmark the permalink. Both comments and trackbacks are currently closed.

One Comment

  1. Posted August 6, 2012 at 12:11 | Permalink

    Hi Merrill

    The vast bulk of the comments I get are spam, but I do tend to batch them up and deal with them once a week or so. Hence the delay in replying to you! I don’t like automating too mch of htis kind of thing – I’m still old-fashioned enough to believe that some are genuine!

    All the best


  • "Whatever they promise, they over-deliver"