{"id":4620,"date":"2012-04-06T16:00:18","date_gmt":"2012-04-06T21:00:18","guid":{"rendered":"http:\/\/mjtsai.com\/blog\/?p=4620"},"modified":"2018-02-13T14:35:35","modified_gmt":"2018-02-13T19:35:35","slug":"flashback","status":"publish","type":"post","link":"https:\/\/mjtsai.com\/blog\/2012\/04\/06\/flashback\/","title":{"rendered":"Flashback"},"content":{"rendered":"<p><a href=\"http:\/\/www.macworld.com\/article\/1166254\/what_you_need_to_know_about_the_flashback_trojan.html\">Rich Mogull<\/a>:<\/p>\r\n<blockquote cite=\"http:\/\/www.macworld.com\/article\/1166254\/what_you_need_to_know_about_the_flashback_trojan.html\"><p>The significant thing is that, unlike almost all other Mac malware we&rsquo;ve seen, Flashback can insinuate itself into your system if you merely visit an infected webpage and are using vulnerable software. You do <em>not<\/em> need to enter your administrative password or to manually install anything.<\/p>\r\n<p>[&#8230;]<\/p>\r\n<p>The vulnerability in Java that Flashback exploits was patched in February by Oracle (which inherited Java as part of its acquisition of Sun Microsystems). But Apple waited nearly two months to update OS X with that patched version.<\/p>\r\n<p>This is the single biggest security issue for Macs. OS X includes a number of software components from third-party vendors and the Open Source software community, and Apple has a terrible track record in updating those components. When a vulnerability becomes publicly known because it&rsquo;s been patched on another platform, but it isn&rsquo;t patched on another, the bad guys have a straight-line roadmap to compromising that unpatched system.<\/p>\r\n<\/blockquote>\r\n<p>In recent years, I&rsquo;ve only used Java for CrashPlan, so I had it turned off in the browser. And, as it happens, Macs with Xcode or Little Snitch installed are not vulnerable.<\/p>\r\n<p>The <a href=\"http:\/\/www.macworld.com\/article\/1162496\/intego_malware_masquerades_as_flash_installer.html\">previous incarnation<\/a> of Flashback was a Trojan horse that masqueraded as an installer for Flash. The interesting thing about that attack vector is that neither sandboxing nor Gatekeeper would be able to protect against it.<\/p>","protected":false},"excerpt":{"rendered":"<p>Rich Mogull: The significant thing is that, unlike almost all other Mac malware we&rsquo;ve seen, Flashback can insinuate itself into your system if you merely visit an infected webpage and are using vulnerable software. You do not need to enter your administrative password or to manually install anything. [&#8230;] The vulnerability in Java that Flashback [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"apple_news_api_created_at":"","apple_news_api_id":"","apple_news_api_modified_at":"","apple_news_api_revision":"","apple_news_api_share_url":"","apple_news_coverimage":0,"apple_news_coverimage_caption":"","apple_news_is_hidden":false,"apple_news_is_paid":false,"apple_news_is_preview":false,"apple_news_is_sponsored":false,"apple_news_maturity_rating":"","apple_news_metadata":"\"\"","apple_news_pullquote":"","apple_news_pullquote_position":"","apple_news_slug":"","apple_news_sections":"\"\"","apple_news_suppress_video_url":false,"apple_news_use_image_component":false,"footnotes":""},"categories":[2],"tags":[30,53,48],"class_list":["post-4620","post","type-post","status-publish","format-standard","hentry","category-technology","tag-mac","tag-sandboxing","tag-security"],"apple_news_notices":[],"_links":{"self":[{"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/posts\/4620","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/comments?post=4620"}],"version-history":[{"count":4,"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/posts\/4620\/revisions"}],"predecessor-version":[{"id":4624,"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/posts\/4620\/revisions\/4624"}],"wp:attachment":[{"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/media?parent=4620"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/categories?post=4620"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/tags?post=4620"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}