14 DAY TRIAL // After promising to release software that prevents infection with the Flashback Trojan, Apple has released Java for OS X Lion 2012-003 and Java for Mac OS X 10.6 Update 8, which remove the most common variants of the Flashback malware from Macintosh computers.
Apple is late in delivering a fix for the malware that has reportedly infected over half a million machines worldwide. Pretty much every major security vendor managed to roll out a patch ahead of the Cupertino, California tech-giant.
Better late than never, though. Apple’s Java for Mac OS X 10.6 Update 8 targets Snow Leopard machines, and users are told that if they do not use Java applets, it is recommended that they disable the Java web plug-in in their web browser.
“Java for Mac OS X 10.6 Update 8 delivers Java SE 6 version 1.6.0_31 and supersedes all previous versions of Java for Mac OS X v10.6,” Apple says. “This update is recommended for all Mac OS X v10.6 users.”
On OS X 10.7, Java for OS X Lion 2012-003 also configures the Java web plug-in to disable the automatic execution of Java applets.
According to the company run by Tim Cook, “Users may re-enable automatic execution of Java applets using the Java Preferences application. If the Java web plug-in detects that no applets have been run for an extended period of time it will again disable Java applets.”
“Java for OS X Lion 2012-003 delivers Java SE 6 version 1.6.0_31 and supersedes all previous versions of Java for OS X Lion,” reads Apple’s documentation. “This update is recommended for all Mac users with Java installed.”
In a dedicated support article describing the security content of these updates at length, Apple reveals that, during installation, a Flashback malware removal tool will be run:
“This update runs a malware removal tool that will remove the most common variants of the Flashback malware. If the Flashback malware is found, it presents a dialog notifying the user that malware was removed. There is no indication to the user if malware is not found.”
Mac users can download both new Java releases at this here address, or by running Software Update on their Macs.