While Apple has released updates for both Lion and Snow Leopard to remove the Flashback malware that is making the rounds, the company had not released a fix for Leopard until today. Apple released a Flashback Removal Security Update for Leopard this afternoon that weighs 1.23MB. Along with removing the Flashback malware, it also disables the Java plug-in in Safari. Apple described the update:
This update removes the most common variants of the Flashback malware. If the Flashback malware is found, a dialog will notify you that malware was removed. In some cases, the update may need to restart your computer in order to completely remove the Flashback malware…To improve the security of your Mac, this update also disables the Java plug-in in Safari.
Apple also released Security Update 2012-003 for Leopard that “disables versions of Adobe Flash Player that do not include the latest security updates and provides the option to get the current version from Adobe’s website.” A similar update was issued for Lion and Snow Leopard in Safari 5.1.7, which released with OS X 10.7.4 late last week—hit up Software Update.
This is the first major update Apple has released for Leopard since Lion debuted last July. Unlike Adobe, it looks like Apple is devoted to keep its old products up-to-date—even if the update is a few weeks behind. For those of you unaware, Adobe recently told users to upgrade from CS5 to CS6 to avoid a security flaw in older versions of software, instead of just patching it. However, Adobe quickly backed down after receiving a ton of backlash from the community and promised an update in the coming weeks. Still sketchy.
- Apple fixes Flashback malware with software update (9to5mac.com)
- Apple developing tool to detect and remove Flashback malware (9to5mac.com)
- Flashback malware still on 140,000 Macs, despite Apple’s fix (9to5mac.com)