Apple Hits Flashback Trojan With Second Java Update

Apple has issued a second security update aimed at Flashback, the Mac malware that has reportedly infected 600,000 computers since last year.

As Intego notes, the Java for OS X 2012-002 update appears to be same as the one Apple issued earlier this week, but the latest update is aimed only at Max OS X Lion users. It's possible, Intego says, that Apple found a glitch in the first update that would make a new release necessary.

The update "delivers improved compatibility, security and reliability by updating Java SE 6 to Java 1.6.0_31," Apple's update prompt says.

Security companies first discovered the Flashback trojan last September. At the time, the malware masqueraded as an update for Adobe Flash, but as of April, Flashback was infecting users who visited compromised Websites, without requiring a password for installation. Apple patched the vulnerability this week, but not before 600,000 users were infected according to antivirus vendor Dr. Web. (Other firms have said they can't confirm the number of infections.)

Intego recommends installing the latest update right away. "The Flashback malware has been very active in the wild, and can install with no user interaction, if Java is not patched," the company says in a blog post.

Follow Jared on Twitter, Facebook, or Google+ as well as Today @ PCWorld for even more tech news and commentary.

Shop ▾
arrow up Amazon Shop buttons are programmatically attached to all reviews, regardless of products' final review scores. Our parent company, IDG, receives advertisement revenue for shopping activity generated by the links. Because the buttons are attached programmatically, they should not be interpreted as editorial endorsements.
recommended for you

Flashback Trojan FAQ

Read more »

Subscribe to the Security Watch Newsletter

Comments