Thursday, April 26, 2012

Outline of April 26, 2012 NCC-Mac Meeting


Announcements
If you're a new attendee, please give us your email address so you'll be able to get meeting announcements. If you're a former Verizon email user, please give us your new address.
Some of Apple's software updated since our last meeting
Run Software Update or visit Apple - Support - Downloads
This update adds RAW image compatibility to Aperture 3 and iPhoto '11.
April 05, 2012 - 8 MB
This update adds RAW image compatibility for the following camera to Aperture 3 and iPhoto '11
Canon EOS 5D Mark III
For more information on supported RAW formats, see support.apple.com—HT4757.
April 12, 2012 - 79.9 MB
This Java security update removes the most common variants of the Flashback malware.
If you do not use Java applets, it is recommended that you disable the Java web plug-in in your web browser. For more information about how to disable Java in Safari, please see this website: support.apple.com—HT5241.
Java for Mac OS X 10.6 Update 8 delivers Java SE 6 version 1.6.0_31 and supersedes all previous versions of Java for Mac OS X v10.6.
This update is recommended for all Mac OS X v10.6 users.
Please quit any web browsers and Java applications before installing this update.
See support.apple.com—HT5243 for more details about this update.
See support.apple.com—HT1222 for information about the security content of this update.
April 12, 2012 - 67.3 MB
This Java security update removes the most common variants of the Flashback malware.
This update also configures the Java web plug-in to disable the automatic execution of Java applets. Users may re-enable automatic execution of Java applets using the Java Preferences application. If the Java web plug-in detects that no applets have been run for an extended period of time it will again disable Java applets.
Java for OS X Lion 2012-003 delivers Java SE 6 version 1.6.0_31 and supersedes all previous versions of Java for OS X Lion.
This update is recommended for all Mac users with Java installed.
Please quit any web browsers and Java applications before installing this update.
See support.apple.com—HT5242 for more details about this update.
See support.apple.com—HT1222 for information about the security content of this update.
April 13, 2012 - 557 KB
This update removes the most common variants of the Flashback malware. This update contains the same malware removal tool as Java for OS X 2012-003.
If the Flashback malware is found, a dialog will be presented notifying the user that malware was removed.
In some cases, the Flashback malware removal tool may need to restart your computer in order to completely remove the Flashback malware.
This update is recommended for all OS X Lion users without Java installed.
See support.apple.com—HT5246 for more details about this update.
See support.apple.com—HT1222 for information about the security content of this update.
This download includes the latest Samsung printing and scanning software for OS X Lion and Mac 
OS X v10.6 Snow Leopard.
April 26, 2012 - 28.9 MB
This download includes the latest HP printing and scanning software for OS X Lion and Mac OS X 
v10.6 Snow Leopard.
April 26, 2012 - 524.8 MB
The next meeting will be held Thursday, May 31, 2012, 4:30 PM at the Langlois Library.
(subject to confirmation)
What you need to know about the Flashback malware
What is Flashback?
Trojan BackDoor.Flashback, commonly referred to as the Flashback trojan, is a trojan horse affecting personal computer systems running Mac OS X. The first variant of Flashback was discovered by antivirus company Intego in September 2011.
According to the Russian antivirus company Dr. Web, a modified version of the "BackDoor.Flashback.39" variant of the Flashback trojan has infected over 600,000 Mac computers.
The trojan targets a Java vulnerability on Mac OS X. The system is infected after the user is redirected to a compromised bogus site, where JavaScript code causes an applet containing an exploit to load. An executable file is saved on the local machine, which is used to download and run malicious code from a remote location.
What is Java?
Java refers to several computer software products and specifications from Sun Microsystems (which has since merged with Oracle Corporation), that together provide a system for developing application software and deploying it in a cross-platform environment.
A Java virtual machine (JVM) is a virtual machine capable of executing Java bytecode. It is the code execution component of the Java software platform.
How do you catch it?
Visit a malicious or compromised website. Older variants required user interaction to install.
How do I detect it and get rid of it?
Lion & Snow Leopard
You can't rely on XProtect this time.
Run Software Update; get the latest Java update.
Leopard & Tiger
Suggestion: ClamXav (Free)
Suggestion: Sophos Anti-Virus for Mac Home Edition (Free)
What about the future?
Disable Java in web browser preferences.
You may not miss it at all.
Suggestion: AVG LinkScanner for Mac (Free)
Q&A, General Discussion