Author Topic: ouch Mac's (Read 7281 times)

goldshirt*9 · « **on:** April 08, 2012, 08:37:26 AM »

http://www.bbc.co.uk/news/science-environment-17623422
seems the mighty Apple has been hit by a trojan .

Will the near invincible linux be next

smokester · « **Reply #1 on:** April 08, 2012, 02:24:02 PM »

I read about that the other day and wondered if the honeymoon was now over with 'swing' users. Purists will always be Mac fans but if they are subject to the same vulnerabilities as Windows machines, I know a few that would fall out of love with them pretty quickly.

smokester · « **Reply #2 on:** April 08, 2012, 04:32:29 PM »

Quote from: christ on April 08, 2012, 04:13:01 PM

It's a Java vulnerability, that hits older intel-powered machines that are not fully updated (but not pre-intel machines).

Always likely to be the most successful attack: a silent one that doesn't overtly affect the mac itself, but potentially recruits it to a botnet; attacked through a common vector (java, flash, office macro/ visual basic) rather than through the OS.

Moving to the Intel architecture brought its own disadvantages.

(I suppose that it isn't worth noting that the potential apparently hadn't actually been realised in this case, if you read the small print in some reports: ""We stress the word potential as we have never seen any malicious activity since we hijacked the botnet to take it out of criminals' hands.")

^ That's a keeper.

goldshirt*9 · « **Reply #3 on:** April 09, 2012, 02:26:43 AM »

seems like a few mistakes

"Java's developer, Oracle, issued a fix to the vulnerability on 14 February, but this did not work on Macintoshes as Apple manages Java updates to its computers."

"Apple released its own "security update" on Wednesday - more than eight weeks later. "

""People used to say that Apple computers, unlike Windows PCs, can't ever be infected - but it's a myth," said Timur Tsoriev, an analyst at Kaspersky Lab."

"Apple could not provide a statement at this time"

smokester · « **Reply #4 on:** April 09, 2012, 11:10:34 AM »

Quote from: christ on April 09, 2012, 09:08:23 AM

Quote from: goldshirt*9 on April 09, 2012, 02:26:43 AM
seems like a few mistakes

"Java's developer, Oracle, issued a fix to the vulnerability on 14 February, but this did not work on Macintoshes as Apple manages Java updates to its computers."

... and Apple doesn't use Oracle's Java releases, so Oracle's updates wouldn't work

Quote from: goldshirt*9
"Apple released its own "security update" on Wednesday - more than eight weeks later. "

... because it takes a while to identify, address, test and release software updates, if they are going to work. Apple may or may not have been informed of the vulnerability at the same time as Oracle were, and the fix may be more (or less) complex than the Oracle fix.

Quote from: goldshirt*9
""People used to say that Apple computers, unlike Windows PCs, can't ever be infected - but it's a myth," said Timur Tsoriev, an analyst at Kaspersky Lab."

Yup. It's a myth that really irritates the vendors of anti-malware software, as it cuts into their potential profit. It may be worth noting that no currently extant anti-malware software would have caught this trojan.

I don't believe anyone (with any sense) has ever said that "Apple computers can't ever be infected"; a lot of folk (myself included) have pointed out the paucity of Apple-specific malware (again, it is possible that it is worth noting that the trojan under discussion is not targeted at the Mac OS, but at Java - Apple has taken bespoke Java development under its wing in an attempt to remove the attack vectors from even this software, before it is deprecated from the Mac like it is from the iPhone and iPad, doubtless to howls of "control-freakery" from the same press currently laughing fit to bust)

Quote from: goldshirt*9
"Apple could not provide a statement at this time"

Apple would not provide a statement at this time

... is there any chance at all that anything that Apple said would have helped in any way?

PS - This is the first malware that I even checked for on any of my macs: but apparently my machines don't fall into any of the categories vulnerable to Flashback anyway. Next on this channel: "How easy is it to recover an infected machine?"

I remember some help you gave me (by way of advice) with a mac and a possible virus some time ago. As I recall, while the advice was helpful the owner of the machine wasn't as she had just assumed there was a problem when the computer in question became a little less responsive.

I think that's the only brush with a mac virus I've had to date, and even that was imaginary.

goldshirt*9 · « **Reply #5 on:** April 09, 2012, 03:24:34 PM »

forgot about this post.
As I originally said a few mistakes on all side .Arrogance, complacency, Hopefully all is sorted and no more problems.
I side with the complacency and hope my friend has sorted his mac out.

Author Topic: ouch Mac's (Read 7281 times)

goldshirt*9

ouch Mac's

smokester

Re: ouch Mac's

smokester

Re: ouch Mac's

goldshirt*9

Re: ouch Mac's

smokester

Re: ouch Mac's

goldshirt*9

Re: ouch Mac's