2012-09-02T15:12:16+01:00 Zend_Feed_Writer https://www.augwessex.org.uk/discussions/view/757 AUGW info@augwessex.org.uk https://www.augwessex.org.uk/ 2012-05-01T17:18:20+01:00 https://www.augwessex.org.uk/discussions/view/757#3339 Euan Williams info@augwessex.org.uk https://www.augwessex.org.uk/ Oh dear oh dear. Yet another Java villain has arrived, this time it uses Python scripts: http://nakedsecurity.sophos.com/2012/04/27/python-malware-mac/ If you have used your browser preferences to "stop" Java -- NB "JavaScript" is something quite different and is fine to use -- and have installed all the latest Apple updates there should be no problem. But note that Apple have NOT issued updates to close off these attacks in OSX versions earlier than 10.6 Snow Leopard. The Sophos page offers a simple, quick check to see if you have been compromised, and also free anti-virus software from Sophos for home users: http://www.sophos.com/en-us/products/free-tools/sophos-antivirus-for-mac-home-edition.aspx ClamXav is another free (open source) antivirus protector if you prefer to use that: http://www.clamxav.com/download.php The two AV software suites have been reviewed widely (see Google). (re-posted from the F-Secure topic). 2012-05-04T10:16:18+01:00 https://www.augwessex.org.uk/discussions/view/757#3340 Mark Ford info@augwessex.org.uk https://www.augwessex.org.uk/ Did you instal this stuff Euan? 'Mac Home Edition'? whatever is that? Which download, exactly, provides a 'swift, simple check..'? It all looks so dodgy! 2012-08-28T19:19:22+01:00 https://www.augwessex.org.uk/discussions/view/757#3550 Euan Williams info@augwessex.org.uk https://www.augwessex.org.uk/ Tuesday 28th August 2012 Java's in trouble (again) this time it affects even the 1.7 Java runtime environment from Oracle: > http://www.macworld.co.uk/mac/news/?newsid=3378068&olo=email < Pending a patch from Oracle (that's where Java patches come from these days) all Mac users should disable Java in their web browser. For Safari look in Safari > preferences > security > ENABLE JAVA -- and make sure the tick box is empty. Firefox is vulnerable, and other browsers may be too. Java Script is something quite different, and is fine to use (keep the tick box ticked). Older OSX versions are vulnerable too, so unless you are using a "pure" version of Lion or Mountain Lion (with which Apple ceased to install Java by default) you should act on the MacWorld warning asap. 2012-08-28T20:26:59+01:00 https://www.augwessex.org.uk/discussions/view/757#3551 Eleanor Spenceley info@augwessex.org.uk https://www.augwessex.org.uk/ This new vulnerability is _only_ in Oracle's new Java 7 (JRE 1.7), not earlier versions. You have had to explicitly download the latest Java runtime (directly from Oracle) _and_ have Java turned on in your browser. If not, there's nothing to worry about. If you want to know which version of Java you are running. Open Terminal. type in> java -version Or go to Applications->Utilities->Java Preferences. Personally if you don't need Java (i.e. don't run any Java based Applications), I'd disable it on your Mac. 2012-08-29T13:53:32+01:00 https://www.augwessex.org.uk/discussions/view/757#3552 Douglas Cheney info@augwessex.org.uk https://www.augwessex.org.uk/ Is it possible to delete Java from aMac 2012-08-29T16:10:53+01:00 https://www.augwessex.org.uk/discussions/view/757#3553 Thomas Maude info@augwessex.org.uk https://www.augwessex.org.uk/ Thanks for all this info guys and the links to possible solutions ....I for one am very grateful for you highlighting these kind of things that would have otherwise passed me by. Ive downloaded the Sophos free home edition package and it's scanning through my whole system now. it identyfied one possible troj connected to the adobe flash thing that I installed as an alerted upgrade recently ....so that has been 'cleaned up" as it described .....not sure what cleaned up really means but anyway it has ... Once again many thanks to Euan and Martin in particular and any others for providing this important stuff Tom 2012-08-29T16:52:32+01:00 https://www.augwessex.org.uk/discussions/view/757#3554 Eleanor Spenceley info@augwessex.org.uk https://www.augwessex.org.uk/ Is it possible to delete Java from aMac It depends on the version of Mac OS X you have and version of Java. Can you be more specific? 2012-08-30T09:29:13+01:00 https://www.augwessex.org.uk/discussions/view/757#3557 Douglas Cheney info@augwessex.org.uk https://www.augwessex.org.uk/ Running 10.8.1 and the latest Java 1.7 2012-08-30T09:32:56+01:00 https://www.augwessex.org.uk/discussions/view/757#3558 Eleanor Spenceley info@augwessex.org.uk https://www.augwessex.org.uk/ A quick Google returns http://reviews.cnet.com/8301-13727_7-57423014-263/how-to-install-and-uninstall-java-7-for-os-x/ 2012-08-30T14:02:11+01:00 https://www.augwessex.org.uk/discussions/view/757#3559 Douglas Cheney info@augwessex.org.uk https://www.augwessex.org.uk/ Thanks for that Martin, I went to the folder as listed but found it empty. I don't understand it because I did install the latest Java when it came out. 2012-08-31T11:45:37+01:00 https://www.augwessex.org.uk/discussions/view/757#3562 Euan Williams info@augwessex.org.uk https://www.augwessex.org.uk/ Like Doug, I didn't find Java 7 in the folder, although v6 was there, despite having installed v7. I fear this is one of the many mysteries to which mortals do not have access (but, being curious, I do seek enlightenment). Meanwhile Oracle have posted a patch which may be appreciated by Java users: http://www.appleinsider.com/articles/12/08/30/oracle_issues_patch_for_latest_java_security_flaw.html 2012-08-31T12:19:10+01:00 https://www.augwessex.org.uk/discussions/view/757#3563 Eleanor Spenceley info@augwessex.org.uk https://www.augwessex.org.uk/ Try looking in both: /Library/Java/JavaVirtualMachines/ and /System/Library/Java/JavaVirtualMachines/ If it isn't there, then you must just have the Java runtime plugin for the web browser. see http://www.java.com/en/download/help/mac_uninstall_java.xml 2012-08-31T16:17:08+01:00 https://www.augwessex.org.uk/discussions/view/757#3564 Douglas Cheney info@augwessex.org.uk https://www.augwessex.org.uk/ Looked in System/LibraryJavaVirtualMachines and found 1.6.0.jdk. Is that what I should have found. 2012-08-31T16:20:26+01:00 https://www.augwessex.org.uk/discussions/view/757#3565 Douglas Cheney info@augwessex.org.uk https://www.augwessex.org.uk/ Just found this on OS X Daily Java SE 7u7 Update Resolves Recent Security Issue. Should I update. 2012-08-31T23:54:50+01:00 https://www.augwessex.org.uk/discussions/view/757#3567 Euan Williams info@augwessex.org.uk https://www.augwessex.org.uk/ Oops. Either the plot (or the soup) has thickened once more: Macworld has just reported as follows: "Security researchers from Poland-based security firm Security Explorations claim to have discovered a vulnerability in the Java 7 security update released Thursday that can be exploited to escape the Java sandbox and execute arbitrary code on the underlying system." Further details here: MacWorld update 31 August If it's not Hurricane Isaac or the GOP conference it's something else. I'm hibernating. (But before the hot chocolate, thanks Martin for chasing Java down its various burrows.) 2012-09-01T08:37:20+01:00 https://www.augwessex.org.uk/discussions/view/757#3568 Euan Williams info@augwessex.org.uk https://www.augwessex.org.uk/ And a little mint to go with the chocolate? More info from The A Register. 2012-09-01T11:23:59+01:00 https://www.augwessex.org.uk/discussions/view/757#3569 Mick Burrell info@augwessex.org.uk https://www.augwessex.org.uk/ It's not crystal clear to me (like lots of things!) but can this vulnerability only be exploited through a browser with Java enabled? I ask because I suspect not many of us use applications written in Java so could remove it completely but I happen to use two so can't. I've long had Java disabled in my browsers and indeed have not downloaded Oracle's version - still using Apple's last one so it's for future reference really. I assume that normal firewalls etc. would prevent any internet based attack while running one of these applications - is that correct? 2012-09-02T15:12:16+01:00 https://www.augwessex.org.uk/discussions/view/757#3571 Eleanor Spenceley info@augwessex.org.uk https://www.augwessex.org.uk/ Can this vulnerability only be exploited through a browser with Java enabled? I I believe so and only with Java JRE 1.7 (not 1.6). I suspect not many of us use applications written in Java so could remove it completely but I happen to use two so can't. If you are running Lion, I'd leave 1.6 alone. This is because it's part of the install of Lion and there maybe dependencies. Let Apple manage this. I assume that normal firewalls etc. would prevent any internet based attack while running one of these applications - is that correct? I assume your applications are basic Java desktop applications (like Eclipse or ThinkFree Office) and not Java web based or 'JNLP' downloadable applications. If so, then these applications behave like just another desktop application and cannot be accessed externally via the internet/network with or without a firewall in place (simplistically, basic OS security will prevent such access).