Friday, April 6, 2012

Macintosh Zombies

Unfortunately, I'm not talking about fanboys, but about a massive Mac botnet:
Two months ago, a new variant of the Flashback Trojan started exploiting a security hole in Java to silently infect Mac OS X machines. Apple has since patched Java, but this was only yesterday. As of today, more than 600,000 Macs are currently infected with the Flashback Trojan, which steals your user names and passwords to popular websites by monitoring your network traffic.
I've been saying for a long while that this sort of thing was inevitable, and have been saying that Apple is pathetic in how slowly they patch security holes in Java - Microsoft patched this weeks and weeks ago.

If you run Mac OS X, you can find details on uninfesting your machine here.  And remember that this is no longer operative:


Broken Andy said...

Microsoft didn't patch anything. It was Oracle (Sun) who provided patches for the JVMs on Windows and Linux since it is their code. However, Apple in their infinite wisdom repackages Java with special Apple pixie dust and therefore all Oracle could do was offer up the code to Apple, who promptly shelved it. Big screw up on Apple's part.

Borepatch said...

My point is that Apple's arrogance about security updates is nothing new. Microsoft has gotten the religion, and it would be good if Apple did, too.

Broken Andy said...

I don't pay close attention to Microsoft as I try hard to avoid their products. But certainly Apple could stand some churchin'. So, agreed.