Apple published a support document this evening regarding the Flashback malware that affects OS X computers. We previously detailed the software which began life last year as a trojan and has morphed into a drive-by download taking advantage of a vulnerability in Java that Apple did not patch until last week.
The malware is said to have infected over 600,000 Macs worldwide. While 3rd party tools have been developed to test for the infection, Apple reveals they are working on their own tool to detect and remove the software:
Apple is developing software that will detect and remove the Flashback malware.
In addition, Apple has been working with ISPs worldwide to disable the servers that send commands to the malware.
Top Rated Comments
We can accuse Microsoft of many things, but not taking security seriously is not one of them. Yes, there was a time were they were hopeless but they got burned too many times and changed their attitude. They're not infallible and neither is their product but their attitude towards security and the security community puts Apple to shame.
Apple dropped the ball on this one. Things like this happen, Apple is not perfect and no one expects them to be. But instead of blindly defending them we, the Mac community and their customers, should be saying to Apple, "This is not acceptable, things have got to change. Waiting till after a serious outbreak to patch a vulnerability that was vendor patched months ago is not acceptable."
Blindly defending Apple and getting into pedantic arguments over definitions, validity of numbers, etc achieves nothing. Demanding better from Apple benefits everybody.
They don't. This is a Trojan that's downloaded through a java exploit. Viruses are programs that run and do odd things without your permission. Trojans are different. Every computer is susceptible to Trojans, except for walled garden computers like the iPad and a few Linux distros.
The ONLY way to get Java on the Mac is from Apple. Apple may not preinstall Java on Macs anymore but when you want it, you get it from Apple. That's why updates for Java are also pushed out through the built-in OS software update. It's the way it's worked for years.
Oracle publicly released the fix for this security hole on Windows in February. Apple is the ONLY one who could have released the fix for Mac Java because it writes and distributes Mac Java. It waited until after Flashback installed itself on 600,000 Macs to release the fix. Who's at fault here?
BOTTOM LINE: To the everyday user who bought a Mac because "it doesn't get viruses", IT'S AN INFECTION. End of story. Virus, Malware, Trojan, or whatever, the everyday user doesn't care about the technical definitions. To them it just means problems they don't want. So stop trying to get technical about it. That's Apple's job when trying to come out with a patch.
With Apple's popularity, did you really think it wasn't going to get the attention of the mischievous ones. It's only gonna get worse from here. So strap yourselves in and get ready, it's gonna be a bumpy ride.
Look up the definition of a virus then look up the definition of a trojan. Enjoy :)
Who said that? Apple didn't. This is straight from their page:
Not to mention this isn't a virus its a trojan, two completely different things.
To be fair Microsoft has Windows Malicious Software Removal tool which *sometimes* does a good job at removing malware.