Tag Archives: Flashback

Flashback malware: How can I keep my Mac secure?

We have had several customers ask us about the Flashback malware that has been getting a lot of publicity lately. One thing that we love about our Macs is how secure they are, especially when compared to Windows, Android, or other OSes out there. But with the increased popularity of Macs, we’ll probably see more attempts to go after Mac users.

We don’t want to take a casual attitude towards any security issue, and we are glad that Apple doesn’t either. Here are a few things to keep in mind:

  • We have not seen any customers that actually have been infected with Flashback (as of this writing). So although there is a lot of publicity, we hope that the actual problem is not as large as the press is making it out to be.
  • Apple patched this particular security issue in Java a while ago. So if you keep your Mac OS up to date, that is the best way to stay secure. If you haven’t run software update recently, do it!

Am I at risk?
Probably not, but if you would like to check and see if your Mac has the Flashback malware on it, you can download a free utility on github from programmer Juan Leon. This utility will check for the Flashback, but not remove it. If you have Flashback on your Mac, you can find some instructions at F-secure to remove it, or you can bring it in to one of our retail stores and we can help you out.

Beyond Flashback, what else can I do to keep my Mac secure?
The most important, and an easy step, is to make sure that Software Update is running regularly (you can check in your Apple Menu, System Preferences, under Software Update). We would recommend letting it check once a week. When it finds an update, make sure and install it.

You can get some security software for your Mac. Many ISPs (like Comcast) will provide you with security software, or here are a few good programs you can download:
Sophos Anti-Virus for Mac Home Edition (Free)
Virus Barrier Express (Free)

Also, this issue was caused by a vulnerable version of Java. Java has seen other security issues in the past. If you don’t need Java anymore, you can disable it. The Java Preferences utility is in /Applications/Utilities; uncheck the boxes next to the versions listed in the General tab. Some programs still need Java, so be careful with this step.

Gatekeeper
We are looking forward to Mac OS X Mountain Lion, coming out this summer. Mountain Lion will include Gatekeeper, which will make Mac OS X, the most secure OS in the world, even more secure. Read more about Gatekeeper and what it will mean for security on the Mac here.

Update (4/11/12)

Apple has a new knowledge base article about Flashback, and it looks like they will provide a tool to remove it soon.

For now, security company Kaspersky Lab has a free removal tool that is easier to use than the instructions provided above.

Update (4/12/12)

Apple has a new item in Software Update that not only patches the Flashback vulnerability but also deletes all known variants. More information can be found by clicking here.

In short, make sure you run your software updates!