Mac Java Vulnerability – Does it affect you?

Posted April 10th, 2012 at 3:13 pm.

Several community members have asked about the Mac Java Trojan known as Flashback that has been covered in common computer magazines and blogs and in the mainstream press.

What is it?

The coverage has focused on a bug in Java that allowed computers (mostly Macs) to be compromised and made part of a botnet, which was then used to attempt to steal personal information and to propagate the malware further.  Estimates say that 600,000 Macs were affected.  Although the company that makes Java had identified and corrected the vulnerability, Apple did not immediately release a new Java package for the Mac which addressed this issue.

Part of the concern, and the reason this has attracted attention, is that in the past Mac-compatible viruses and exploits have been rare (although this is certainly not the first or the last).  As Apple’s market share rises, such threats are likely to become more frequent.  While *this* threat is avoided by disabling Java, that action does not address future issues.  Everyone, Mac users included, should be mindful of their personal security; it is advisable to run AntiVirus software and to install updates regularly.

Does it affect me?  What should I do?

  • College-owned Macs run Sophos AntiVirus.  Per Sophos, all versions of the AV product detect and eliminate the Java trojans in question.  To our knowledge, no Bryn Mawr-owned Macs have been affected.
  • On personal Macs, people who have regularly installed their updates would not be vulnerable to this particular exploit unless they were affected before an update was available and do not run a credible AntiVirus package.  If you think you may have been affected, consider installing the Sophos AV for Macs (below) or see https://github.com/jils/FlashbackChecker/wiki (this checker utility will *not* remove the malware).
  • It is also possible for Windows computers with outdated versions of Java to be affected by similar attacks.  As Java updates itself frequently and many Windows users run AntiVirus, the level of intrusion into Windows was very low.
  • Disabling Java has been recommended by some, but now that an update is available, updating is the better path.  Disabling Java makes some things non-functional, including some Blackboard functionality, the off-campus VPN client, as well as many software packages and some common Web sites.
  • For personal Macs, we recommend Sophos’ free Mac AV client:  http://www.sophos.com/en-us/products/free-tools/sophos-antivirus-for-mac-home-edition.aspx and frequent Apple updates.

Please be aware that Mac OS 10.5 is no longer being updated by Apple (including with new Java versions), and we will soon be ending campus support for it.  Support for previous versions has already ended and these should not be on the network.  Please consider upgrading your equipment to a newer version of OS X or replacing it as needed.

Filed under: Announcements by Amy Pearlman
