Bit9

Most Mac users have grown accustomed to the lack of malware reported on Apple’s devices, and many of them have no additional layer of protection on their systems against possible cyber attacks. On Monday, a new variant of the Flashback malware, Flashback.K, was reported. The new variant is described as exploiting unpatched Java vulnerabilities, which Apple has historically been late in updating.

Back in February, Oracle released a patch that was included in a Windows Java update. It was also made available for Macs, but Apple typically ports patches over to its systems on a lagging schedule, sometimes months behind the initial update. This gives the advantage to the malware writers, who can capitalize on Apple’s slow update regimen and infect countless machines before a patch and resolution are provided. The initial Flashback malware was distributed via a fake Flash Player installer, but this new variant only requires the ability to exploit Java vulnerabilities. Once the malware is executed on the system (CVE-2012-0507 exploit), the Trojan opens a dialog box requesting the user’s administrative password. But even if someone fails to enter a password, the malware can still infect the system.

Not to beat the dead horse (or deer – keep reading), but doesn’t this highlight a concern about protection methods rather than about Apple? Exploits will always exist on any system, but the way in which we protect against them will need to change. Relying on the blacklisting (AV) method used by a large portion of consumers and businesses is like choosing to run through tick-infested woods in nothing but your skivvies, only to be surprised to find yourself covered with the blood-sucking insects. The reactive measure of pulling the ticks off can sometimes work, but chances are you may still end up with Lyme Disease – or, for our purposes, intellectual property (IP) theft. Something has got to give: solutions will need to change in order to ensure constant protection against an ever-adapting threat landscape, or we will suffer the consequences.
