Monday, December 03, 2012, 06:27 pm
By Mikey Campbell
A new piece of malware that takes advantage of a well-documented Java vulnerability has been found on a website dedicated to the Dalai Lama, with the trojan able to install itself on an unwitting Mac user's computer to capture keystrokes and other sensitive data.
Screenshot from a Google cache of the gyalwarinpoche.com webpage. | Source: F-Secure
Dubbed "Dockster," the malware was first found by antivirus and security firm Intego to have been uploaded to the VirusTotal detection service on Nov. 30. At the time of its discovery, the remote address associated with trojan was not active, possibly indicating that the code's creators were testing whether it would be detected, but as of this writing the malicious code is now "in the wild."
As noted in a separate report from F-Secure (Flashback exploit from September 2011. Dockster leverages the same Java vulnerability to drop the backdoor onto a Mac, which then executes Read the full article →
UPDATE: Click this link to download Instructions and Scripts to check your Mac for any infections from Flashback Trojan. (These files have been created and checked by MacDaddy to be safe!)
Earlier this week, Apple released a Java security update, 2012-001, to patch the Flashback vulnerability that a security company claims affected 600,000 Macs.
April 5, 2012
Late this evening, we are getting reports from readers that a new version of the Java update is becoming available via Software Update.
The latest update, Java for OS X 2012-002, supersedes the -001 update Apple released earlier this week, and indeed the KB article linked from the -002 update is still the -001 version (below).
Update: Apple sent a note out to its Java Community, below, with the ‘why’ (small issue they are the same but for a few symlinks and version numbers.)
Today we re-shipped our Java 1.6.0_31 for OS X Lion today to address a critical issue we found in Xcode and Read the full article →