Apple silently released security patches for Java, addressing 12 separate flaws yesterday after their OS X operating system was found to be vulnerable to the Flashback Trojan. In fact security experts were so worried about the potential for damage from the malware that they recommended ditching Java until it had been plugged.
While those using Microsoft’s Windows OS were at the highest level of risk initially, the Mac Security blog Intego found a new Flashback variant in the wild at the beginning of March, created to specifically target Apple OS X users.
The new update is available from the update manager for OS X 10.6 and 10.7 operating systems and is described by Apple as targeting “multiple vulnerabilities [that] exist in Java 1.6.0_29, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. “
Further investigations by Sucuri Security located a considerable number of infected websites using older releases of WordPress with the "ToolsPack" plugin installed. Analysis of this plugin revealed it was simply a backdoor that allowed hackers to execute any code on the infected website. It is believed these sites are re-directing the browsers of Mac OS X users to webpages containing the new strain of Flashback malware.
Whilst it is good that Apple has finally patched the vulnerabilities that Windows users saw updates for back in February, it is rumored that one critical flaw remains, which F-Secure says is being actively discussed on underground forums where money is also being exchanged in return for the exploit code.
"It is strongly recommended to update your Java client to the latest version, disable it when not needed, or better yet, remove it completely if you don’t really need it," the security firm said in a blog post yesterday.
Attacks are rarely as serious in nature on Apple’s OS X platform, but there is no doubt that exploits are increasing as hackers realize the value of targeting their OS. More alarmingly, the Flashback malware has also opened up another potential problem – Apple by all accounts has been very slow to respond to the security fixes that Oracle released for their affected software used on Windows back In February.
The iPhone 4S looks identical to last year's model but comes in a new 64GB flavor and upgrades the camera to include an 8-megapixel sensor with improved low-light performance and 1080p video capture. In terms of performance the new iPhone is reportedly up to 2x faster and is also capable of running on faster HSPA+ networks, reaching theoretical download speeds of up to 14.4Mbps.
The Apple TV is a digital media receiver designed to play digital content like iTunes Store and NetFlix. The Apple TV features a micro-USB, HDMI, optical audio and an Ethernet port. It also allows you to sign in to your Wi-Fi account and use the remote (or better yet, the free Remote app on an iPhone, iPad, or iPod touch) to navigate around.
The Apple iPad (3rd-gen) includes a Retina Display operating at a resolution of 2,048 x 1,536. Powering the new iPad is a dual-core A5X processor with quad-core graphics, it also gets upgraded optics in the form of a 5MP backside illuminated sensor that features a 5-element lens, IR filter and ISP built into the A5X chip. Apple claims The new iPad is good for 10 hours of battery life and nine hours when using 4G LTE.
Read expert reviews, pros & cons, and product information about Apple MacBook Pro 13.3 inch - Winter 2011 Version - Intel Core i5. There are 17 reviews available so far.
Downloads and Drivers
From the Forums
Subscribe to TechSpot
Get free exclusive content, learn about new features and breaking tech news.