Apple Releases Patch For Flashback Malware

As demand for Apple’s Mac OS X line of computers grows, so does the incentive for malware authors to write viruses and malware for Mac OS X. A strain of malware that infects Mac OS X was released recently. According to a recent report, more than half a million Mac OS X users (about 600,000) are infected with the malware.

Apple recently released an update to Java (Java for OS X Lion 2012-003) to help alleviate most Flashback malware. The update delivers Java SE 6 version 1.6.0_31, removes previous Java applications, removes the most common strain of Flashback malware, and disables automatic execution of Java applets by default (this can be re-enabled if needed). The update can be found under “Software Updates” in Mac OS X. As with most security patches, Apple highly recommends installing this update immediately. Depending on how long it has been since you downloaded previous updates and on your internet connection speed, it may take some time to download and install.

One way to check whether you have the malware is to run the following commands:

1. Open the Terminal application
2. Run the following command in Terminal: “defaults read /Applications/Safari.app/Contents/Info LSEnvironment”
3. Take note of the DYLD_INSERT_LIBRARIES value in terminal
4. If you do not get the following message, you may be infected: “The domain/default pair of (/Applications/Safari.app/Contents/Info, LSEnvironment) does not exist”

Another strain requires a different command:

1. Open the Terminal application
2. Run the following command in Terminal: “defaults read ~/.MacOSX/environment DYLD_INSERT_LIBRARIES”
3. Take note of the result.
4. If you do not get the following message, you may be infected: “The domain/default pair of (/Users/<user>/.MacOSX/environment, DYLD_INSERT_LIBRARIES) does not exist”
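
Both checks above can be run and interpreted in one pass. The script below is an added example, not Apple's tool or part of the original article; the function names are hypothetical, and only the two “defaults read” targets and the “does not exist” message come from the steps above.

```shell
#!/bin/sh
# Added example: automates the two manual "defaults read" checks.

# Interpret the combined stdout/stderr of one "defaults read" call.
#   clean   - the "does not exist" message was returned (key absent)
#   suspect - some value came back, so it needs a closer look
#   unknown - no output at all, nothing can be concluded
interpret_defaults_output() {
    case "$1" in
        *"does not exist"*) echo clean ;;
        "")                 echo unknown ;;
        *)                  echo suspect ;;
    esac
}

# Pull the library path out of an LSEnvironment dictionary, which
# "defaults read" prints in this shape (constructed sample):
#     "DYLD_INSERT_LIBRARIES" = "/tmp/constructed-example.dylib";
extract_dyld_path() {
    printf '%s\n' "$1" |
        sed -n 's/.*DYLD_INSERT_LIBRARIES"\{0,1\} *= *"\{0,1\}\([^";]*\)"\{0,1\};.*/\1/p'
}

# Run one check: $1 = domain (plist path without .plist), $2 = key.
check_key() {
    out=$(defaults read "$1" "$2" 2>&1) || true
    verdict=$(interpret_defaults_output "$out")
    printf '%s %s: %s\n' "$1" "$2" "$verdict"
    if [ "$verdict" = suspect ]; then
        # Dictionary output needs parsing; a single key prints its value directly.
        path=$(extract_dyld_path "$out")
        printf '  injected library: %s\n' "${path:-$out}"
    fi
    return 0
}

if command -v defaults >/dev/null 2>&1; then
    check_key /Applications/Safari.app/Contents/Info LSEnvironment
    check_key "$HOME/.MacOSX/environment" DYLD_INSERT_LIBRARIES
else
    echo "defaults not found; run this on the Mac being checked" >&2
fi
```

A “suspect” line means the key exists and names a library that is loaded into the process at launch; record the path it prints before applying the update.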

If you are infected, run the Apple software update immediately.

More information can be read at http://support.apple.com/kb/HT5242?viewlocale=en_US&locale=en_US