Apple Fixes Login Password Exposure Snafu

by Tom Nelson Apple today released OS X 10.7.4, an update to OS X Lion that fixes a security issue that allowed users’ login passwords to be written to a clear text file on the Mac. This boo-boo was the result of a developer debug tool being accidentally left in when the update was originally [...]

Read Full Post »

OS X Lion 10.7.3 Bug Could Expose Login Passwords

by Tom Nelson Someone at Apple forgot to turn off a debugging feature that logs user login information to a clear text document. This debugging information was handy for Apple’s internal developers as they worked with OS X Lion 10.7.3, but once the update was ready to go golden, all of the debugging features should [...]

Read Full Post »

Apple Releases Flashback Trojan Removal Tool

by Tom Nelson Apple has released a new security update for Java (2012-003) that includes the ability to remove the Flashback Trojan from infected Macs. The security update is available from Apple’s Software Update service, which you will find under the Apple menu. Read more on About: Macs.

Read Full Post »

Getting Rid of the Flashback Trojan

by Tom Nelson Ars Technica is reporting that the Flashback Trojan, a bit of cross-platform malware that takes advantage of unpatched Java vulnerability to create a botnet, has infected 600,000 Macs. The Flashback Trojan can infect Macs that are running out-of-date versions of Java. If you use Java, be sure that you have the latest [...]

Read Full Post »

Full Disk Encryption With FileVault 2

by Tom Nelson OS X Lion brought many changes with it, but one overlooked upgrade was the enhancements to FileVault, Apple’s first file encryption system. FileVault encrypted the files in a user’s home directory, to protect them from unauthorized access. With the home directory encrypted, you had a measure of assurance that should your Mac [...]

Read Full Post »

Apple Updates Built-in Malware Detection System to Block Recent Mac Trojan

by Tom Nelson Apple has issued an update to the XProtect malware detection system that is built in to the Snow Leopard and Lion versions of OS X. The latest update contains the malware definitions for OSX.Revir.A and OSX/flashback.A. The OSX/Revir.A threat used a PDF as the carrier for the Trojan. It was easily recognized [...]

Read Full Post »

F-Secure Reveals New Mac Trojan

by Tom Nelson Security firm F-Secure is revealing details about a Mac Trojan it says it discovered in late July of this year. The Trojan is made up of two components. The first, called Trojan-Dropper;OSX/Revir.A (the link is to F-Secure’s web site, not the Trojan) is used to install the actual hidden application, which is [...]

Read Full Post »

Apple Security Update Addresses Fraudulent Certificates

by Tom Nelson Apple today released a security update (2011-005) that removes DigiNotar from the list of trusted root digital certificates. DigiNotar is one of the issuers of the digital certificates used to authenticate a web site or Internet service. These certificates are commonly used both in electronic commerce and as a means of certifying [...]

Read Full Post »

XProtect Updated With New MacDefender Variant

by Tom Nelson Apple’s built-in XProtect antivirus system, part of Snow Leopard, has been updated to catch new variants of MacDefender. The updates are provided as additions to the XProtect.plist file, which XProtect uses to find matches between malware and the patterns contained in the XProtect.plist file. The latest update adds a third variant type [...]

Read Full Post »

Apple Releases Security Update for MacDefender Scareware

by Tom Nelson Apple has released Security Update 2011-003 (Snow Leopard) to address the Mac Defender scareware applications that have been dogging Mac users. The security update adds a number of malware definition files to Snow Leopard’s built-in anti-virus system. Apple also set the default to update the definition files once per day. Of course, [...]

Read Full Post »