Despite Mac-lovers expectation that we are impervious to virus and malware attacks, 600,000 Macs have been infected recently, according to several news report.
“Two months ago, a new variant of the Flashback Trojan started exploiting a security hole in Java to silently infect Mac OS X machines. Apple has since patched Java, but this was only yesterday. As of today, more than 600,000 Macs are currently infected with the Flashback Trojan, which steals your user names and passwords to popular websites by monitoring your network traffic,” according to ZD.net.
“You can grab the new version of Java that patches the security hole in question from Apple here: Java for Mac OS X 10.6 Update 7 and Java for OS X Lion 2012-001. Additionally, F-Secure has instructions on how to remove this malware if you think your Mac may already be infected.”
Some blame Apple for its slow response:
“In this case it seems that Apple’s own hubris has contributed to the scope of the problem as much or more than the malware itself. The threat has been known for months. It has been somewhat common knowledge–at least in security circles–that attacks were being targeted at Mac OS X systems. But, Apple was silent,” says PCWorld.com
“Oracle issued a patch for the underlying Java vulnerability in February. Apple just pushed out an update to address the Java flaw last week–two months later. While Mac users waited for a fix, malware developers continued to target and exploit vulnerable Mac systems. Even if Apple wasn’t ready to issue a patch earlier, it had an obligation to its users to communicate the risk and make users aware of the threat and steps to take to avoid becoming a victim.”
Apple’s response on its website:
For the protection of our customers, Apple does not disclose, discuss or confirm security issues until a full investigation has occurred and any necessary patches or releases are available. Apple usually distributes information about security issues in its products through this site and the mailing list below.