Macintosh Java Flashback Trojan Update Procedure OS X 10.6

The problem…and suggestions for fixing it: pre-emptive steps with Apple’s update and/or a diagnosis and infection-deleting process using Unix Terminal to see if you are infected (you need to be very careful fooling around with the unix solution) which is below the [easier] Apple update info that will patch up the problem in Java that lets this happen

(please read background, thanks to the Register.co.uk)

550,000-strong army of Mac zombies spreads across world • The Register.

Plan “A”

Pre-emptive: After downloading Apple’s Java update, read the info before installing, you should see…

“Java for Mac OS X 10.6 Update 7 delivers improved compatibility, security, and reliability by updating Java SE 6 to 1.6.0_31.

Please quit any web browsers and Java applications before installing this update.

See http://support.apple.com/kb/HT5056 for more details about this update.

See http://support.apple.com/kb/HT1222 for information about the security content of this update.”

After running the update…

In Apple menu, open “About this Mac,” then scroll down to “Frameworks”…and open it…

you should see these files updated to either April 6 or today’s date…

and more screenshots in this gallery – note the dates

______________________________________________

Plan “B”

Diagnosis and fix using Unix Terminal – be very careful or get a nerdy friend to assist with this IF YOU OPT TO DO IT THIS WAY…follow the link. The diagnosis is fairly harmless and fun to do. Curious? Want to see if you’re infected? Pre-fix? You will find out if you indeed have been infected or see that you are free of it…Entering commands to repair is another story.

The basic instructions at  F-Secure

I opted to run the diagnosis before and after running Apple’s update. I ran the terminal commands and confirmed I have a clean system…

macintosh-100:~ username$ defaults read /Applications/Safari.app/Contents/Info LSEnvironment 2012-04-06 11:20:17.666 defaults[69558:903] The domain/default pair of (/Applications/Safari.app/Contents/Info, LSEnvironment) does not exist macintosh-100:~ username$ defaults read ~/.MacOSX/environment DYLD_INSERT_LIBRARIES 2012-04-06 11:20:54.632 defaults[69570:903] The domain/default pair of (/Users/username/.MacOSX/environment, DYLD_INSERT_LIBRARIES) does not exist macintosh-100:~ username$

distant US Capitol dome

Russell Imrie is a  Web Content Specialist, webmaster and an American Indian blogger living in the Washington DC area.

Copyright © forever by Russell Imrie

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s