Wednesday, April 11, 2012

Apple promises Flashback removal tool, but third-party security firms beat it to the punch

Mac OS X has been patched to prevent further infections by the Flashback trojan, but that doesn't help those already infected. Apple has announced that it is developing a tool to clean systems infected by the virus, but hasn't announced when it will be available. Users don't need to wait for that tool, however, as third-party security firms already have solutions in place.

On Monday, well-known security firm Kaspersky launched a Flashback removal tool. At the Kaspersky site, you can run both a scan to see if you are infected, as well as download and use a separate tool to disinfect your system, as well.

Another security firm, F-Secure, followed up with its own disinfection program on Wednesday.

Both programs are far easier for end users than prior methods, which involved running through a long series of command line instructions.

Although Apple has issued patches for the Java vulnerability, it's done so for Mac OS X 10.6 and 10.7. It has not released a patch for Mac OS X 10.5, which is reportedly still used on over 16 percent of Macs.

In addition, Apple hasn't added detection for Flashback to the built-in Xprotect Mac OS X antivirus tool.  Somewhat embarrassingly, Flashback spread through a Java vulnerabilitythrough a vulnerability Java that Oracle fixed in February, but that Apple delayed in implementing.

Although Flashback exploits a vulnerability in Java, not OS X directly, it's still another example of why Mac users, once comfortable in their perceived invulnerability, need antivirus protection. And although Apple provides Xprotect with Mac OS X, it's far less effective than third party solutions from Kaspersky, F-Secure, Symantec, and more.

No comments: