Flashback originally tried to install its nasty payload by tricking users into thinking they were installing Adobe’s Flash player. When victims entered their user name and password into the seemingly legit authentication dialog, Flashback was able to install its malware. More recent versions were able to take advantage of Java security flaws and install when users visited maliciously crafted websites.
With the Java security updates Apple released several days ago, Snow Leopard and Lion users shouldn’t need to worry about getting hit with the current wave of Flashback variants, and the updates handle the process of removing the malware if it was installed ahead of them, too. If your Mac runs a version of OS X that’s older than 10.6, however, there aren’t any updates for you, leaving the next line of defense in the hands of virus protection apps, or disabling Java.
Here’s how to disable Java in OS X 10.4 and 10.5:
- Launch Safari
- Go to Safari > Preferences
- Select the Security tab
- Uncheck Enable Java
You can disable Java in Safari’s preferences
Despite the similarity in names, JavaScript and Java aren’t related, so you don’t need to disable JavaScript to avoid Flashback-related threats.
OS X Lion doesn’t ship with Java installed by default, but your Mac will offer to install it for you should you launch an app that requires it. If you want to disable Java in Lion, you can hop into Safari and make the change there, just as you can in older versions of the operating system.
You can also disable Java through the Java Preferences application — which isn’t part of System Preferences. Here’s how:
- Go to Applications/Utilities
- Launch Java Preferences
- Click the General tab
- Uncheck all of the versions of Java that appear in the Java list
Lion’s Java Preferences. It’s an app, not a Preference Pane.
A Java Preferences app is available in previous versions of OS X, too. You can disable Java from the app in Snow Leopard, although older versions of OS X only let you view a list of installed Java runtimes.
Disabling Java will help sidestep Flashback, but it also means you may not be able to run other applications, or features in some applications may stop working. Adobe, for example, uses Java for some interface elements in its applications, so disabling Java means you can’t run apps like Photoshop, Illustrator or InDesign.
Apple may not have responded quickly to the Flashback trojan, but it did finally get on task and deliver the security updates we needed. Hopefully that’s a sign that the company will be a little more proactive with future threats, so be sure to check for system updates regularly. Of course, The Mac Observer will let you know when those updates are available, too.