Apple Developing Software to Remove Flashback Malware

Better than what Redmond would do.

What exactly would Redmond have done? My guess is that they would of patched the bug back in February when Oracle released the patch as opposed to Apple's current practice of reactively releasing patches after an outbreak or after a security researcher gets fed up and publicly announces a vulnerability. It's worrying over the years how many instances there has been of researchers submitting a vulnerability to Apple, only to have Apple do nothing, and then when the researcher publicly releases the vulnerability Apple magically has a patch for it within a few days.

We can accuse Microsoft of many things, but not taking security seriously is not one of them. Yes, there was a time were they were hopeless but they got burned too many times and changed their attitude. They're not infallible and neither is their product but their attitude towards security and the security community puts Apple to shame.

Apple dropped the ball on this one. Things like this happen, Apple is not perfect and no one expects them to be. But instead of blindly defending them we, the Mac community and their customers, should be saying to Apple, "This is not acceptable, things have got to change. Waiting till after a serious outbreak to patch a vulnerability that was vendor patched months ago is not acceptable."

Blindly defending Apple and getting into pedantic arguments over definitions, validity of numbers, etc achieves nothing. Demanding better from Apple benefits everybody.

and they said macs dont get viruses

They don't. This is a Trojan that's downloaded through a java exploit. Viruses are programs that run and do odd things without your permission. Trojans are different. Every computer is susceptible to Trojans, except for walled garden computers like the iPad and a few Linux distros.

OS-X doesn't get viruses, Java does. :p

You realize Apple makes and distributes Java for the Mac under license from Oracle? If you try to download Java for Mac from Oracle's site directly, you'll find this message:

Apple supplies their own version of Java. Use the Software Update feature (available on the Apple menu) to check that you have the most up-to-date version of Java for your Mac.

The ONLY way to get Java on the Mac is from Apple. Apple may not preinstall Java on Macs anymore but when you want it, you get it from Apple. That's why updates for Java are also pushed out through the built-in OS software update. It's the way it's worked for years.

Oracle publicly released the fix for this security hole on Windows in February. Apple is the ONLY one who could have released the fix for Mac Java because it writes and distributes Mac Java. It waited until after Flashback installed itself on 600,000 Macs to release the fix. Who's at fault here?

I just love how sheep continue to spin this by saying, "It's not a virus, it's a trojan.", "It's not a virus, it's malware.", etc....
BOTTOM LINE: To the everyday user who bought a Mac because "it doesn't get viruses", IT'S AN INFECTION. End of story. Virus, Malware, Trojan, or whatever, the everyday user doesn't care about the technical definitions. To them it just means problems they don't want. So stop trying to get technical about it. That's Apple's job when trying to come out with a patch.
With Apple's popularity, did you really think it wasn't going to get the attention of the mischievous ones. It's only gonna get worse from here. So strap yourselves in and get ready, it's gonna be a bumpy ride.

and they said macs dont get viruses

Look up the definition of a virus then look up the definition of a trojan. Enjoy :)

and they said macs dont get viruses

Who said that? Apple didn't. This is straight from their page:

Is a Mac safe from PC viruses?
Yes. The OS X operating system isn’t susceptible to the thousands of viruses plaguing Windows-based computers. And although no computer connected to the Internet is completely immune to all viruses and spyware, OS X has built-in defenses designed with your safety in mind. The Mac web browser, Safari, alerts you whenever you’re downloading an application — even if it’s disguised as a picture or movie file. And Apple continually makes free security updates available for Mac owners. You can even have them download automatically.

Not to mention this isn't a virus its a trojan, two completely different things.

Better than what Redmond would do.

To be fair Microsoft has Windows Malicious Software Removal tool which *sometimes* does a good job at removing malware.

You realize Apple makes and distributes Java for the Mac under license from Oracle? If you try to download Java for Mac from Oracle's site directly, you'll find this message:



The ONLY way to get Java on the Mac is from Apple. Apple may not preinstall Java on Macs anymore but when you want it, you get it from Apple. That's why updates for Java are also pushed out through the built-in OS software update. It's the way it's worked for years.

Oracle publicly released the fix for this security hole on Windows in February. Apple is the ONLY one who could have released the fix for Mac Java because it writes and distributes Mac Java. It waited until after Flashback installed itself on 600,000 Macs to release the fix. Who's at fault here?

Too the words right out of my mouth.

As much of a machead as I am... even *I* can't gloss over the fact Apple dropped the ball on this. It's their Java that got corn-holed and only they could fix it. Yet most everyone here still defends this incompetence. :eek: (And somehow Microsoft even gets dragged into it :))

And so much for nothing being able to infect OSX without user permission. Apples Java version allows this to happen by default.

Apple should just buy Juan Leon's Flashback Checker for $1 Billion.

Better than what Redmond would do.

Ever heard of Patch Tuesday?

Macs don't get viruses. Only PCs.