On Monday, we wrote about a variant of the Mac Flashback trojan that exploits a then unpatched Java vulnerability (CVE-2012-0507). Apple released its security update on Tuesday. If you have Java installed on your Mac — update now.

Yesterday, Dr. Web (a Russian based antivirus vendor) reported that Flashback may have infected over half-a-million Macs.

Each installation of Flashback creates a unique User-Agent. Dr. Web's Ivan Sorokin later estimated that their sinkhole now estimates over 600,000 infections.
@mikko, at this moment botnet Flashback over 600k, include 274 bots from Cupertino and special for you Mikko - 285 from Finland
— Sorokin Ivan (@hexminer) April 4, 2012

Our Anti-Virus for Mac detects the latest Flashback variant as Trojan-Downloader:OSX/Flashback.K.

Here's some of our recent Flashback descriptions:

• Flashback.I
• Flashback.K

Our previous Mac related posts include instructions on how to disable Java, how to check for a Flashback infection, and manual removal:

• Mac Malware at the Moment
• Are you having a (Mac) Flashback?
• Mac Flashback Exploiting Unpatched Java Vulnerability

For those of you celebrating the Easter Holiday this weekend — if you're visiting your parents and they have a Mac — now is the time to update, disable, or remove their Java client plugin/installation!

(And that goes for Windows too.)

Updated to add: We have shipped a free Flashback removal tool On 05/04/12 At 02:44 PM

ข้อมูลในส่วนนี้ถูกซ่อนไว้ (คุณต้องสมัครสมาชิกและมี 1 โพส}: