Apple Issues Second Time Revised Security Patch for Java to Destabilize Flashback
Apple just upgraded a particular security patch for the second time that addresses Java vulnerability, which helped contaminate 600,000-or-so Mac computers via Trojan Flashback. Importantly, this patch for Java, compatible with version 2012-002 of OS X, can be obtained for both Snow Leopard and Lion editions of OS X. Redsnow.ws published this on April 7, 2012.
Remarking about the Java patch, Apple says that it, compatible with OS X Lion 2012-002, plugs certain hole, which's capable of making 'Application Loader tools' or 'Xcode' users vulnerable. The previous fix, which Apple issued only some days back, addressed vulnerability with which numerous PCs were contaminated using BackDoor.Flashback.39.
Now, for anybody who doubts his Mac computer is compromised alternatively wants to secure his system, he can take down and use the Java update compatible with OS X Lion 2012-002 which Apple Software Update provides, the software company outlines.
Evidently according to Intego the security company, cyber-criminals' routine exploitation of Java indicates that there's a popular use of the software as one fresh medium of malware assault whereby the Flashback Trojan is reportedly being used to exploit Java in various manners via its familiar alternatively un-patched security flaws for penetrating Mac defenses. Intego.com reported this on April 4, 2012.
Meanwhile, Chester Wisniewski, Researcher with Sophos the security company criticized Apple, claiming it took too long a 6-weeks time for fixing the Java flaw.
Remarking about this lackadaisical attitude of Apple, Wisniewski said that it was indeed astonishing if Apple really regarded security with sufficient seriousness. Possibly, the company held on to the attitude of the public's belief of it being immune to attacks. It wasn't clear as to why Apple didn't release the security patches prior to criminals victimizing Mac users. Luckily, when the problem escalated, Apple realized and reacted fast, the researcher posted on Naked Security blog dated April 4, 2012.
Conclusively, alongside the Sophos security company, others too are stressing on Apple explaining its lackadaisical approach with regard to security problems. According to them all, Apple must do like Microsoft i.e. release security patches on a definite periodical basis akin to the monthly Patch Tuesday.
Related article: Apple Patches QuickTime 13 Month Old Flaw
» SPAMfighter News - 16-04-2012