or Connect
AppleInsider › Forums › General › General Discussion › Flashback malware still on 140K Macs despite fix
New Posts  All Forums:Forum Nav:

Flashback malware still on 140K Macs despite fix

post #1 of 39
Thread Starter 
Despite Apple's release of numerous Java patches and an uninstaller tool, some 140,000 Macs worldwide are still affected by the Flashback trojan that was at one point present on 600,000 machines.

Although malware-affected Macs are on the decline, the numbers are at a point much higher than forecasted by software maker Symantec, according to a Tuesday post on the company's blog.

The security firm guessed that the number of affected machines would have dropped precipitously by now given that Apple and third-party vendors released their respective Flashback-neutralizing programs last week. The Mac maker even rolled out a removal tool for those Mac users who don't have Java installed, and thus may be harboring a dormant version of the malware.

Statistics from Symantec's "sinkhole," or spoofed command and control server, show that Flashback has been removed from some 460,000 machines since Apr. 9, but the company expected less than 99,000 would be carrying the trojan by Tuesday.

Sinkholes are used by internet security and research entities to monitor and analyze the spread of malicious programs, though the standard practice sometimes brings unwarranted suspicion to smaller, less well-known firms. For example, Apple reportedly attempted to shut down the server hosting a sinkhole belonging to Flashback's discoverer Dr. Web, mistakenly thinking that it was a legitimate command and control server. Apple's move, however, can also be considered standard practice when dealing with fast-moving malware.



Forecast of Flashback removal. | Source: Symantec


There has been no speculation as to why the remaining Macs haven't already disposed of Flashback, as the self-installing program can be easily identified and deleted. It is possible that machine owners remain unaware of the program and haven't yet performed a software update that would eradicate it.

The trojan itself continues to propagate on upatched systems. Analysis into Flashback's structure reveals that it is coded to exceed the .com top level domain, and generates domain names from .in, .info, .kz and .net. Flashback creates one new string every day that is paired with a random TLD.

Once a user visits a site carrying Flashback, the program installs itself without the need for permission and proceeds to collect sensitive data like user iDs, passwords and web browsing histories which it then sends to an off-site repository.

Just as Flashback exploited the "Oracle Java SE Remote Java Runtime Environment Denial Of Service Vulnerability" to create its botnet, another threat has surfaced that uses the same hole as a means of distribution.

Called Backdoor.OSX.SabPub.a, the newly-discovered malware was created in March and is considered an "active attack" trojan as an operator manually checks and harvests data from an affected machine. SabPub has also been seen being distributed in malicious Word documents, installing itself by exploiting a known record parsing buffer overflow vulnerability.

[ View article on AppleInsider ]
post #2 of 39
80% drop in a week since it was announced is pretty damn impressive for dealing with a Trojan.

"The real haunted empire?  It's the New York Times." ~SockRolid

"There is no rule that says the best phones must have the largest screen." ~RoundaboutNow

Reply

"The real haunted empire?  It's the New York Times." ~SockRolid

"There is no rule that says the best phones must have the largest screen." ~RoundaboutNow

Reply
post #3 of 39
Quote:
Originally Posted by AppleInsider View Post

There has been no speculation as to why the remaining Macs haven't already disposed of Flashback, as the self-installing program can be easily identified and deleted. It is possible that machine owners remain unaware of the program and haven't yet performed a software update that would eradicate it.


Why doesn't it just download and work in the background? Malware removal tools have worked that way for a decade.

Apple needs to get its shit together and get out in front of this issue.
post #4 of 39
Quote:
Originally Posted by I am a Zither Zather Zuzz View Post

Why doesn't it just download and work in the background?

Becoming the demons isn't the right way to go.

Originally posted by Relic

...those little naked weirdos are going to get me investigated.
Reply

Originally posted by Relic

...those little naked weirdos are going to get me investigated.
Reply
post #5 of 39
Quote:
Originally Posted by I am a Zither Zather Zuzz View Post

Why doesn't it just download and work in the background? Malware removal tools have worked that way for a decade.

Apple needs to get its shit together and get out in front of this issue.

All you have to do is click install when Software Update notifies you of the update. Nothing more.
post #6 of 39
I call BS.

Look at the numbers in the chart. Now, note that Apple didn't release the removal tool until April 13.

One of two things happened:

1. The systems repaired themselves with no help from Apple

or

2. The numbers are entirely fabricated and meaningless.

Obviously, the latter is far more likely.
"I'm way over my head when it comes to technical issues like this"
Gatorguy 5/31/13
Reply
"I'm way over my head when it comes to technical issues like this"
Gatorguy 5/31/13
Reply
post #7 of 39
Quote:
Originally Posted by Tallest Skil View Post

Becoming the demons isn't the right way to go.

+1 for that!
post #8 of 39
Quote:
Originally Posted by jragosta View Post

I call BS.

Look at the numbers in the chart. Now, note that Apple didn't release the removal tool until April 13.

One of two things happened:

1. The systems repaired themselves with no help from Apple

or

2. The numbers are entirely fabricated and meaningless.

Obviously, the latter is far more likely.

Given the potential revenues involved if Mac users can be convinced to start buying AV utilities I am not surprised by exactly what you have spotted, a total con. The blog and even the real media industry want this just as they wanted to inflate the shooting in Florida. Another OJ trial has them salivating as does Macs getting infected. As I write this AI has ads from AV companies on this very page!
Enjoying the new Mac Pro ... it's smokin'
Been using Apple since Apple ][ - Long on AAPL so biased
nMac Pro 6 Core, MacBookPro i7, MacBookPro i5, iPhones 5 and 5s, iPad Air, 2013 Mac mini.
Reply
Enjoying the new Mac Pro ... it's smokin'
Been using Apple since Apple ][ - Long on AAPL so biased
nMac Pro 6 Core, MacBookPro i7, MacBookPro i5, iPhones 5 and 5s, iPad Air, 2013 Mac mini.
Reply
post #9 of 39
Meanwhile. venerable Symantec has managed to make a fortune while keeping millions of Windows machines infected with various malware, virii and the occasional worm.
post #10 of 39
Quote:
Originally Posted by jragosta View Post

I call BS.

Look at the numbers in the chart. Now, note that Apple didn't release the removal tool until April 13.

One of two things happened:

1. The systems repaired themselves with no help from Apple

or

2. The numbers are entirely fabricated and meaningless.

Obviously, the latter is far more likely.

The best part of the situation is that Apple is developing security measures and not relying on a 3rd party to profit on this scenario.
post #11 of 39
Quote:
Originally Posted by jragosta View Post

I call BS.

Look at the numbers in the chart. Now, note that Apple didn't release the removal tool until April 13.

One of two things happened:

1. The systems repaired themselves with no help from Apple

or

2. The numbers are entirely fabricated and meaningless.

Obviously, the latter is far more likely.

They release one Java patch on Friday the 6th http://www.appleinsider.com/articles...this_week.html with a link at the bottom of the article for those savvy enough to play with Terminal and remove it manually.

Then Apple release the Java update with the removal tool last Thursday and the stand-alone removal tool, for those not using Java, on Friday.

I'm not saying that Symantec isn't fear-mongering but your dates are off a little.

Why does Apple bashing and trolling make people feel so good?

Reply

Why does Apple bashing and trolling make people feel so good?

Reply
post #12 of 39
Quote:
Originally Posted by Dickprinter View Post

They release one Java patch on Friday the 6th http://www.appleinsider.com/articles...this_week.html with a link at the bottom of the article for those savvy enough to play with Terminal and remove it manually.

Then Apple release the Java update with the removal tool last Thursday and the stand-alone removal tool, for those not using Java, on Friday.

I'm not saying that Symantec isn't fear-mongering but your dates are off a little.

Do you really think that 2/3 of all Mac users actually used the terminal/manual removal process which is what the data indicates?

Again, the numbers look bogus.
"I'm way over my head when it comes to technical issues like this"
Gatorguy 5/31/13
Reply
"I'm way over my head when it comes to technical issues like this"
Gatorguy 5/31/13
Reply
post #13 of 39
Quote:
Originally Posted by jragosta View Post

Do you really think that 2/3 of all Mac users actually used the terminal/manual removal process which is what the data indicates?

Again, the numbers look bogus.

I agree, the numbers, and the corresponding dates where infection falls precipitously, do not jibe at all.

Why does Apple bashing and trolling make people feel so good?

Reply

Why does Apple bashing and trolling make people feel so good?

Reply
post #14 of 39
Quote:
Originally Posted by AppleInsider View Post


There has been no speculation as to why the remaining Macs haven't already disposed of Flashback, as the self-installing program can be easily identified and deleted. It is possible that machine owners remain unaware of the program and haven't yet performed a software update that would eradicate it.

THat would be the most likely answer right there. Not a shock since I know a number of folks that are still using the hardware they bought as much as 5 years ago and haven't every updated the software. Most of them are my parents and their friends but still there are a good couple dozen just in that group

A non tech's thoughts on Apple stuff 

(She's family so I'm a little biased)

Reply

A non tech's thoughts on Apple stuff 

(She's family so I'm a little biased)

Reply
post #15 of 39
Quote:
Originally Posted by jragosta View Post

Do you really think that 2/3 of all Mac users actually used the terminal/manual removal process which is what the data indicates?

Again, the numbers look bogus.

More specifically 2/3 of Mac users who were afflicted. One might presume that less computer literate Mac users are far more likely to fall victim as they are less likely to use deactivate Java, deactivate "Open 'safe' files after downloading, use the firewall, etc. Given this consideration, the data set seems very questionable despite the media vastly over-inflating the issue.

Since the security of iOS appears nearly unassailable vendors may believe they can benefit if they create fear, uncertainty and doubt around Apple in general. With sixty million OS X devices and over two hundred million iOS devices with escalating sales the information security industry most likely feels their livelihood is threatened.
post #16 of 39
Quote:
Originally Posted by poke View Post

All you have to do is click install when Software Update notifies you of the update. Nothing more.

Not everyone has Software Update set to auto-check for updates. Many schools and businesses prefer to do manual checks-and-installs or on their own schedule... and then there are those people who just have absolutely no clue what they should or should not be doing.

As SolipsismX pointed out, an 80% decrease is impressive. We still need to be vigilant for the other 20%, but we cannot control those groups mentioned in my first paragraph. We may wish we could...
post #17 of 39
So why is there not a removal tool for those with Java? I use Java all the time and can't really turn it off. I have run the Apple updates and I also used the Terminal commands to check for files related to the Trojan. I also have had Little Snitch installed for years so I guess there is no question I am clear, but I still wonder why no tool for Java users.
post #18 of 39
Quote:
Originally Posted by david.allie View Post

As SolipsismX pointed out, an 80% decrease is impressive. We still need to be vigilant for the other 20%, but we cannot control those groups mentioned in my first paragraph. We may wish we could...

I should have been more clear in my comment. I did mean that it's impressive, but as jragosta notes the change is suspect. Even if the 80% change was from when Apple issued the malware fix it will still be very impressive for 80% of the infected to have installed it within the first week or it being released.

Even with iOS 5.x having OTA updates that notify the user I still don't think we've seen anything close to those results.


Quote:
Originally Posted by WelshDog View Post

So why is there not a removal tool for those with Java? I use Java all the time and can't really turn it off. I have run the Apple updates and I also used the Terminal commands to check for files related to the Trojan. I also have had Little Snitch installed for years so I guess there is no question I am clear, but I still wonder why no tool for Java users.

It's poorly worded. It removes it from all systems, with or without Java. The take away is that it also checks machines that don't have Java installed so they aren't harboring the malware if and when they install, or potentially connect to other machines (I forget if it's a worm).

"The real haunted empire?  It's the New York Times." ~SockRolid

"There is no rule that says the best phones must have the largest screen." ~RoundaboutNow

Reply

"The real haunted empire?  It's the New York Times." ~SockRolid

"There is no rule that says the best phones must have the largest screen." ~RoundaboutNow

Reply
post #19 of 39
Quote:
Originally Posted by SolipsismX View Post

It's poorly worded. It removes it from all systems, with or without Java. The take away is that it also checks machines that don't have Java installed so they aren't harboring the malware if and when they install, or potentially connect to other machines (I forget if it's a worm).

Thank you for that. First time I have heard it explained that way.
post #20 of 39
Quote:
Originally Posted by mdriftmeyer View Post

The best part of the situation is that Apple is developing security measures and not relying on a 3rd party to profit on this scenario.

Agreed 100%.
Enjoying the new Mac Pro ... it's smokin'
Been using Apple since Apple ][ - Long on AAPL so biased
nMac Pro 6 Core, MacBookPro i7, MacBookPro i5, iPhones 5 and 5s, iPad Air, 2013 Mac mini.
Reply
Enjoying the new Mac Pro ... it's smokin'
Been using Apple since Apple ][ - Long on AAPL so biased
nMac Pro 6 Core, MacBookPro i7, MacBookPro i5, iPhones 5 and 5s, iPad Air, 2013 Mac mini.
Reply
post #21 of 39
Quote:
Originally Posted by mdriftmeyer View Post

The best part of the situation is that Apple is developing security measures and not relying on a 3rd party to profit on this scenario.

Who best to protect those of us who relish life inside the walled garden of Apple.


I....love....this.....company. (No, I'm not saying that in a Ballmer kind of way)
http://www.youtube.com/watch?v=Nc4MzqBFxZE

Why does Apple bashing and trolling make people feel so good?

Reply

Why does Apple bashing and trolling make people feel so good?

Reply
post #22 of 39
140,000 is like the amount of iPads Apple sells each day right?
post #23 of 39
Quote:
Originally Posted by mdriftmeyer View Post

The best part of the situation is that Apple is developing security measures and not relying on a 3rd party to profit on this scenario.

The worst part is that Apple is only concerned about Lion users. I suspect that Snow leopard users are at risk as well. If the fix does what I think it does, then it's a no brainer to issue a fix for Snow Leopard too.
"That (the) world is moving so quickly that iOS is already amongst the older mobile operating systems in active development today." — The Verge
Reply
"That (the) world is moving so quickly that iOS is already amongst the older mobile operating systems in active development today." — The Verge
Reply
post #24 of 39
Quote:
Originally Posted by c4rlob View Post

140,000 is like the amount of iPads Apple sells each day right?

140,000 x 30 x 3 = 12,600,000. I'd say more than that.


Quote:
Originally Posted by Macky the Macky View Post

The worst part is that Apple is only concerned about Lion users. I suspect that Snow leopard users are at risk as well. If the fix does what I think it does, then it's a no brainer to issue a fix for Snow Leopard too.

That did seem odd since Apple has a long history of issuing security updates to OSes long out of date but I checked the support file and it says that only those with Java & Lion are affected.
That said, if they recommend it for those that don't have Java installed (even though it's a click away to install it) I'd think they'd want to get rid of it from every machine so that it can't ever become active. Because they don't I would assume that it doesn't self propagate across a network, gets overwritten when you upgrade to Lion and can't affect SL users as is.

"The real haunted empire?  It's the New York Times." ~SockRolid

"There is no rule that says the best phones must have the largest screen." ~RoundaboutNow

Reply

"The real haunted empire?  It's the New York Times." ~SockRolid

"There is no rule that says the best phones must have the largest screen." ~RoundaboutNow

Reply
post #25 of 39
Quote:
Originally Posted by c4rlob View Post

140,000 is like the amount of iPads Apple sells each day right?

Close. That's the number of iPads Apple sells on an average day. Use amount for things which are measurable rather than countable. Use number for things which are countable. Money is the only exception (because long ago money was weighed rather than counted).
Mac user since August 1983.
Reply
Mac user since August 1983.
Reply
post #26 of 39
Quote:
Originally Posted by mcarling View Post

Money is the only exception (because long ago money was weighed rather than counted).

I had never thought of it before but you are absolutely correct.

Quote:
What's the number of money for which you will charge for this item?

Wow! That sounds so wrong.

"The real haunted empire?  It's the New York Times." ~SockRolid

"There is no rule that says the best phones must have the largest screen." ~RoundaboutNow

Reply

"The real haunted empire?  It's the New York Times." ~SockRolid

"There is no rule that says the best phones must have the largest screen." ~RoundaboutNow

Reply
post #27 of 39
These are truly clueless individuals that have turned off their Software Update app & have no clue as to what they are getting their computers & themselves into

Cheers !
Cheers !
Reply
Cheers !
Reply
post #28 of 39
Symantec are the single most useless company out there. Their security products are complete bloat ware and provide only one function, to slow down your PC. Not a single Symantec antivirus product has been worth using since the late 90's.

I take any news from them with a huge pinch of salt.
post #29 of 39
A big reason for there still to be lots of infected machines is that Apple only provided a fix for Snow Leopard and Lion. Quite a few people like myself, are probably still using Leopard.
post #30 of 39
Quote:
Originally Posted by cnocbui View Post

A big reason for there still to be lots of infected machines is that Apple only provided a fix for Snow Leopard and Lion. Quite a few people like myself, are probably still using Leopard.

I agree. You're the first person I've seen mention this, but I've been wondering why none of the reports I've read mention Leopard, as if it doesn't exist any longer. Apple's the only place I've seen a specific reference to manually removing a Flashback infection from a Leopard install to date.
post #31 of 39
I'd like to know what web sites are hosting the infection, so we know where to avoid in the first place.
The MACaholic
Reply
The MACaholic
Reply
post #32 of 39
Another part of this is some people ignore there updates! No matter how many times software update prompts them to update, they are to lazy, ignorant, or in a hurry to bother with pressing the updates button and wait a few minutes to do them.
I believe this is what were seeing now is all of the people who just refuse to do there updates when they show up. It is these types of users who get everyone in trouble, because they are the ones that will spread this kind of stuff and other kinds of security problems too.
If you get on a computer whether it's your friends computer, your mom's computer, your co-workers computer and you see they aren't up-to-date. Fix it for them please! Let them know they can cause a lot of trouble for themselves and others who do exactly the same thing and ignore there updates.
These updates are not only for security but also for reliability and make all programs work better together.

DO YOUR UPDATES DAMN IT!!
post #33 of 39
Quote:
Originally Posted by b9bot View Post

Another part of this is some people ignore there updates! No matter how many times software update prompts them to update, they are to lazy, ignorant, or in a hurry to bother with pressing the updates button and wait a few minutes to do them.
I believe this is what were seeing now is all of the people who just refuse to do there updates when they show up. It is these types of users who get everyone in trouble, because they are the ones that will spread this kind of stuff and other kinds of security problems too.
If you get on a computer whether it's your friends computer, your mom's computer, your co-workers computer and you see they aren't up-to-date. Fix it for them please! Let them know they can cause a lot of trouble for themselves and others who do exactly the same thing and ignore there updates.
These updates are not only for security but also for reliability and make all programs work better together.

DO YOUR UPDATES DAMN IT!!

There is a set of users out there that are not owners, like students. They have no power nor the interest to maintain the computers made available to them. They are most likely to have visited the porn site or whatever and gotten this malware. There is also the set of owners/users who have forgotten their own user password and thus can't update anything. This same group don't know how to reset their user account password.
The MACaholic
Reply
The MACaholic
Reply
post #34 of 39
Quote:
Originally Posted by won View Post

I agree. You're the first person I've seen mention this, but I've been wondering why none of the reports I've read mention Leopard, as if it doesn't exist any longer. Apple's the only place I've seen a specific reference to manually removing a Flashback infection from a Leopard install to date.

My parents are still on Leopard because their old printer won't work on anything newer and they're the kind of people who will not toss away working products and buy new ones. They don't install updates, but I know they're safe from most malware because they they're too scared of screwing things up to install anything. I get phone calls to confirm the most basic things.

I'm on Snow Leopard and only the expiration of MobileMe will force me to upgrade a single machine to Lion. So far I've seen nothing in Lion I want and plenty of flakiness I don't. Mountain Lion will render useless the most important productivity tool I have: Spark. Unlike most macro tools Spark runs as a daemon that intercepts key combinations allowing me to launch and switch apps with hot-keys. Control-S, for example brings up Safari and Control-M, Mail. It's so fast and easy that using anyone else's Mac feels primitive and slow. Under the new rules only Apple themselves will have the ability to provide global hot key functionality and I'll probably be throwing lead on the devil's curling team before that happens.
post #35 of 39
Quote:
Originally Posted by b9bot View Post

Another part of this is some people ignore there updates! No matter how many times software update prompts them to update, they are to lazy, ignorant, or in a hurry to bother with pressing the updates button and wait a few minutes to do them.
I believe this is what were seeing now is all of the people who just refuse to do there updates when they show up. It is these types of users who get everyone in trouble, because they are the ones that will spread this kind of stuff and other kinds of security problems too.
If you get on a computer whether it's your friends computer, your mom's computer, your co-workers computer and you see they aren't up-to-date. Fix it for them please! Let them know they can cause a lot of trouble for themselves and others who do exactly the same thing and ignore there updates.
These updates are not only for security but also for reliability and make all programs work better together.

DO YOUR UPDATES DAMN IT!!

 

Quote:
Originally Posted by BradMacPro View Post


There is a set of users out there that are not owners, like students. They have no power nor the interest to maintain the computers made available to them. They are most likely to have visited the porn site or whatever and gotten this malware. There is also the set of owners/users who have forgotten their own user password and thus can't update anything. This same group don't know how to reset their user account password.

 

Too true and very likely to form a large proportion of the still infected. Another group of ignorant users are some single-purpose users of Macs, particularly music producers. I know of one or two who only ever use their Macs to create demos and even full-fledged music productions for artistes, and in spite of the importance of the Mac to their revenues and income, often lag years behind in security updates. I'm talking about people who will even physically resist your helping them do so, and even open up their manuals for the first time in order to roll back any beneficial changes anyone may have made on their behalf! I kid you not, I have had experiences where I have just had to leave such users to their own devices, literally. <shakes head sadly>

 

Quote:
Originally Posted by Bregalad View Post


My parents are still on Leopard because their old printer won't work on anything newer and they're the kind of people who will not toss away working products and buy new ones. They don't install updates, but I know they're safe from most malware because they they're too scared of screwing things up to install anything. I get phone calls to confirm the most basic things.

I'm on Snow Leopard and only the expiration of MobileMe will force me to upgrade a single machine to Lion. So far I've seen nothing in Lion I want and plenty of flakiness I don't. Mountain Lion will render useless the most important productivity tool I have: Spark. Unlike most macro tools Spark runs as a daemon that intercepts key combinations allowing me to launch and switch apps with hot-keys. Control-S, for example brings up Safari and Control-M, Mail. It's so fast and easy that using anyone else's Mac feels primitive and slow. Under the new rules only Apple themselves will have the ability to provide global hot key functionality and I'll probably be throwing lead on the devil's curling team before that happens.

 

The danger with your parents method of working is that there is NOTHING to install with FlashBack - it will install itself without any intervention on their part. All that is required is to visit a malicious website, the nature and identity of which has not yet been published so far. So this is one piece of malware that they are NOT safe from.

 

The hot keys you are using are easily configurable within stock Snow Leopard or Lion without the macro tool you are using. However, some of the hot keys you are using are not too advisable as a little reading will show you that the two-key combinations you are using (particularly Control-S) MAY already be in use by your system, and can also be inadvertently pressed when you don't mean to (you've probably experienced this a few times). Three-key macros, on the other hand are hard to select by mistake and ensure that your intention is deliberate rather than accidental.

post #36 of 39

Actually we do know, at least in part, where one might pick up the Flashback trojan. Most are .nu web sites but also various Wordpress based blog sites as some folks running WordPress downloaded a bogus plugin with the trojan.

The MACaholic
Reply
The MACaholic
Reply
post #37 of 39

 

Quote:
Originally Posted by airmanchairman View Post

The hot keys you are using are easily configurable within stock Snow Leopard or Lion without the macro tool you are using. However, some of the hot keys you are using are not too advisable as a little reading will show you that the two-key combinations you are using (particularly Control-S) MAY already be in use by your system, and can also be inadvertently pressed when you don't mean to (you've probably experienced this a few times). Three-key macros, on the other hand are hard to select by mistake and ensure that your intention is deliberate rather than accidental.

 

I can't find anything in System Preferences - Keyboard that launches or switches apps so I would really appreciate a reply.

post #38 of 39

 

Quote:
Originally Posted by Bregalad View Post

 

 

I can't find anything in System Preferences - Keyboard that launches or switches apps so I would really appreciate a reply.

 

Sorry for the long pause...

 

You are quite correct... a Service has to be created first using Automator (a simple one: create a Service using Automator with a single action to "Launch Application". Set the conditions of this service to receive "no input," and make it available in "all applications").

 

Name and save the Service and create a shortcut to it on the Keyboard Shortcuts tab of the Keyboard System Preferences panel as usual. 

post #39 of 39

 

Quote:
Originally Posted by Sandman619 View Post

These are truly clueless individuals that have turned off their Software Update app & have no clue as to what they are getting their computers & themselves into

Cheers !

 

A tad harsh. Some of them will be running OSes that are only 2.5 years old and might not realise that they are no longer supported, thus even with updates turned on they will not get any updates, eg leopard.

 

They may well have been told at the point of purchase that Mac can't be infected and so assume that they don't need to exercise caution or be proactive.

 

I understand that Apple want everyone to be on the latest OS but perhaps support for older OSes could be extended when it comes to security.


Edited by hungover - 4/29/12 at 3:16am
New Posts  All Forums:Forum Nav:
  Return Home
  Back to Forum: General Discussion
AppleInsider › Forums › General › General Discussion › Flashback malware still on 140K Macs despite fix