Apple delivered to the core as they made good on a promise to decontaminate Macs infested with the Flashback malware.
The newest Mac OS X Java update includes a tool that will “remove the most common variants of the Flashback malware,” Apple’s advisory read.
On Tuesday, Apple acknowledged the Flashback malware campaign that exploited a Java vulnerability that left hundreds of thousands of Macs infected. At the same time, Apple pledged to create a detect-and-delete tool that would scrub compromised machines of the attack code. By Thursday, the promise came true.
This was not a new problem for Apple as it had to come up with a similar tool last year, one designed to eliminate MacDefender fake security software. In like speedy fashion, Apple released the anti-MacDefender tool a week after it unveiled those plans.
Thursday’s update also disables automatic execution of Java applets in the Java browser plug-in; the exploit used by Flashback to infect Macs hid inside a malicious Java applet hosted on compromised websites.
One of the reasons Flashback was able to infect so many Macs was because the Java plug-in automatically ran the offered applet. Apple’s move is a step toward disabling Java, the advice most security experts have suggested to users.
Users can circumvent Java’s new off-by-default setting by configuring Java’s preferences. But even then, Apple will intercede.
“As a security hardening measure, the Java browser plug-in and Java Web Start are deactivated if they are unused for 35 days,” Apple said.
Java Web Start is an Oracle technology that lets users single-click launch a Java app from within a browser without first downloading it to the machine.