Apple releases Java update; includes fix for vulnerability exploited by Flashback malware

From Botnets.fr
Jump to navigation Jump to search

(Publication) Link to the old Wiki page : [1] / Google search: [2]

Apple releases Java update; includes fix for vulnerability exploited by Flashback malware
Botnet Flashback
Malware Flashback (bot)
Botnet/malware group
Exploit kits
Services
Feature
Distribution vector
Target
Origin
Campaign
Operation/Working group
Vulnerability
CCProtocol
Date 2012 / 4 avril 2012
Editor/Conference Intego
Link http://www.intego.com/mac-security-blog/apple-releases-java-update-includes-fix-for-vulnerability-exploited-by-flashback-malware/ (Archive copy)
Author
Type

Abstract

Apple has released Java for OS X 2012-001 and Java for Mac OS X 10.6 Update 7, featuring a dozen security fixes, including one that has been used a recent variant of the Flashback malware, CVE-2012-0507. As the information about this update that Apple provides says,

Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. This is exactly what happens with the recent variant of the Flashback malware that we discussed yesterday.

Bibtex

 @misc{2012BFR982,
   editor = {Intego},
   author = {},
   title = {Apple releases Java update; includes fix for vulnerability exploited by Flashback malware},
   date = {Error: Invalid time.},
   month = Error: Invalid time.,
   year = {2012},
   howpublished = {\url{http://www.intego.com/mac-security-blog/apple-releases-java-update-includes-fix-for-vulnerability-exploited-by-flashback-malware/}},
 }