Oh, no!! Apple has a flaw!!

[DazzyD]

Despite the title I've chosen for the thread, I'm not about to get in to the Mac vs PC (or even Mac users vs PC users) debate as that is just a bit of rival banter and this subject is serious and could cause serious issues for Mac/Apple users.

Although there have a been a few sporadic malware attacks that have targeted the Apple community in the last couple of years, there's a new bad boy in town and he's already infected lots of machines. In fact, one security firm is suggesting that around of 12% of UK Mac/Apple devices have already been infected and the infection is spreading. And it needs to be stopped. Now, the one thing that is letting it spread is the cavalier attitude of the average Mac/Apple user with regards to security. They commonly hold the belief that Apple products are immune to attack due to the fact that Apple control every aspect of the OS, and not allowing third parties to mess with it, that Apple OS is watertight. Well, as the head of one computer security firm has stated "2012 will be remembered as the year Apple Mac was cracked."

This might sound like the trailer to a film but it's not. It's real. The threat comes from trojan "Backdoor.Flashback.39". It's been infecting Apple devices (not just Macs but also iPhone and iPad) for a while but, because of the scale of the attack, it's only started to get noticed recently. It exploits a flaw in Java which lets the hackers get root level access to the device and can monitor the user's activity and then send the results back to the hacker. It can identify and harvest bank details, passwords, even secret question answers such as the user's mother's maiden name. This information can make a lot of money for the hackers and cause a lot of problems and stress for the victim. And, if this doesn't sound bad enough, the worst part is just how it infects a device. It works by installing malicious code in a "drive-by attack". This means that a device can be infected just by a user visiting a compromised website that has been hacked and the code embedded in the webpage code. The user doesn't even need to download or click anything for the problems to start. So the user won't even know they've been infected until it's too late.

So, what action do Mac/Apple users need to take? First of all, a change in attitude as their devices are now vulnerable to attack on a scale never even imagined before. Then, they need to take precautions. Oracle (the producers of Java) and Apple have realised a patch to fix the loophole that let's the trojan in. Make sure that Java has been updated to the very latest version - this is secure. Then, you need to get some protection. If you don't have any anti-virus software then get some! Norton Anti-Virus 12 for Mac is a recommended software suite or, if you're tight then there's a free alternative at:

http://www.sophos.com/en-us/products...e-edition.aspx.

I'm not a Mac or Apple user so I can't make detailed recommendations. However, as I've mentioned before, I am an internet security advocate who is very active in the movement to combat internet and computer security threats, internet scams and criminal fraudulent activity (and have been since the days of BBSs!). So, I will pass on my knowledge where I can.

Sources of knowledge include:

http://nakedsecurity.sophos.com/

http://safeandsavvy.f-secure.com/

http://news.drweb.com/?i=2415&c=10&lng=en&p=0

As with any threat, the biggest threat is naivity. So, share this knowledge with your Apple/Mac-owning friends, family and colleagues and help make the internet a safer place!

[Vectis]

Good advice.

Probably worth adding though that Java isn't installed by default on OSX Lion, so unless you've specifically added it post-install, then this particular patch is of no consequence.

[Jiggles]

Never needed Java so never had it installed! BUT to put a curve ball onto this its not Apples fault/ flaw its Oracles fault thats caused the security risk.

[DazzyD]

Never needed Java so never had it installed! BUT to put a curve ball onto this its not Apples fault/ flaw its Oracles fault thats caused the security risk.

That's partly true. The fault did lie with Java but, in their defence, Oracle realised a fix as soon as they could and this helped to restrict the effect of the threat with PCs. However, it would appear that Apple have to ok any updates to products/services that are used on their OS but they were really slow on actioning this which has resulted in more Apple devices being infected than, perhaps, could have been. This isn't a new malware threat. It was first identified in 2011 but Apple have not taken any action until the last few weeks.

So, it could be said, the current scale of the problem really does lie at Apple's door.

[Megamix]

I thought I'd try the Sophos one - but alas it made my iMac grind to a halt

[Stu]

Is there anything I need to do to protect my Iphone from attack?

I'm just about to update the OS to the latest one, should i do this as normal or not?

[DazzyD]

Hi Stu

I've looked around the security organisations websites and cannot find any specific reports of any iPhones being compromised although my original source of information suggested that infected iPhones were a definite possibility.

As for should or should you not update your iPhone's OS, then the simple answer is yes, you should. By installing OS updates, you are installing the latest fixes for any problems and this includes security issues. You should always keep your system up to date as an out of date system is a lot more vulnerable to security attacks. The fact that a large number of users don't keep their systems up to date is one that a lot of virus writers consider when they're planning their coding and why malware can linger on for a lot longer than it really should.

[Megamix]

I had already run all updates, disabled java as a precaution. I'm going to continue without Anti-virus software on my mac. I run little snitch as well.

[Jiggles]

This security threat cannot affect iPhones seeing as they don't use any java at all anywhere! Soni don't see where this is happening?

[yourdj]

So what is the update required and which versions have this?

Just clicked update and it has said its updating 10.5 is this correct?