Anti-virus

Proof of Conecpt for new Apple iTunes Vulnerability

If you haven’t updated your iTunes to the latest version yet, you might want to think about doing it relatively soon.   A new proof of concept shows that a malicious playlist could execute any code it wants on your Mac.  At this point, the vulnerability is only a proof of concept and no real world application of the issue has been seen yet.  For more on the vulnerability, you can check out SC Magazine posting on the topic:

http://www.scmagazine.com/itunes-vulnerability-may-enable-remote-code-execution/article/246207/

The latest version of iTunes released this past week addresses the issue.   You can update iTunes by going to the Software Update option under the Apple menu or by downloading it directly from the Apple support page at:

http://support.apple.com/kb/DL1426

Mac Backdoor Trojan embedded in Word Documents

For those users who use Microsoft products on their Macs, you need to be aware that there is a new version of the Backdoor Trojan embedded in a word document related to the Tibetan situation.  According to this article, it is possibly related to the Chinese effort to keep an eye on Tibetan sympathizers and any group banned by the Chinese goverment:

http://nakedsecurity.sophos.com/2012/03/30/mac-malware-backdoor/

Make sure that you update all of your Microsoft products to the latest version set by the Microsoft Updater and do not open any Word documents from unknown sources.

Apple Releases Flashback Removal Tool For Users Without Java

Apple has released the same Flashback Trojan Removal Tool that is found in the Java update for OS X 2012-003 as a standalone tool.  The new standalone version of the tool is for those users without Java installed.

You can download the Flashback malware Removal Tool from the Software Update feature under the Apple menu or from the Apple support website at:

http://support.apple.com/kb/DL1517

Apple Updates Java for 3rd Time This Month To Deal With Flashback Trojan

Apple has released a third update to Java for both Mac OS x Lion and Mac OS X 10.6 to deal with the infections of the Flashback Trojan.  Infections reached a whopping 600,000 machines globally according to three anti-virus companies that were monitoring it (Dr. Web, the discoverer of the Trojan, Kaspersky, and Symantec) , however, that number has dropped to 270,000 in recent days.

The update on the Apple Support Website updates Java to Version 1.6.0_31.  This brings it inline with the Oracle version of Java.  You can download the latest version of Java through the Software Update feature under the Apple menu or from Apple’s Support website at :

http://support.apple.com/downloads/

Apple Tries to Shut Down Dr. Web’s Server

Apple has had a knee-jerk reaction to the discovery of the Flashback Trojan that has infected up to 600,000 Macs globally.  Dr. Web, a small Russian anti-virus company, first discovered the Flashback Trojan and has been monitoring infections on a global basis.  Now Apple has sent a Shutdown notice trying to shutdown the company’s server, saying it is being used for command and control in the Flashback Trojan bot-net.  The Flashback Trojan is attacking a hole in Java and Apple has released two updates to Java to mitigate  the attacks and to bring Java up to date.

If you want to check to see if your machine is one of the machines infected by the Flashback Trojan, you can download FlashbackChecker at:

https://github.com/jils/FlashbackChecker/downloads

Source: Forbes