Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: Apple Java Updates for Mac OS X SANS ISC InfoSec Forums

Watch ISC TV. Great for NOCs, SOCs and Living Rooms: https://isctv.sans.edu

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Apple Java Updates for Mac OS X

This Java security update removes the most common variants of the Flashback malware. "Java for OS X Lion 2012-003 delivers Java SE 6 version 1.6.0_31 and supersedes all previous versions of Java for OS X Lion." [1] Apple recommends that all Mac users install this update where Java is installed.

OS X Lion v10.7.3, OS X Lion Server v10.7.3
Impact: The Java browser plugin and Java Web Start are deactivated if they remain unused for 35 days

For OS X Lion systems
Download file: JavaForOSX.dmg

Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7.3, OS X Lion Server v10.7.3
Impact: A Flashback malware removal tool will be run

For Mac OS X v10.6 systems
Download file: JavaForMacOSX10.6.dmg

Java for OS X 2012-003 and Java for Mac OS X 10.6 Update 8 is available via the Software Update pane in System Preferences or via the Apple web site here.

[1] http://support.apple.com/kb/HT5242

[2] http://www.apple.com/support/downloads/

-----------

Guy Bruneau IPSS Inc. gbruneau at isc dot sans dot edu

Guy

479 Posts
ISC Handler
Apr 12th 2012

Sign Up for Free or Log In to start participating in the conversation!