Java Security Alert
Today saw the discovery of a piece of malware that is able to change your computer’s network settings and use it to launch attacks on other elements of the Internet. This is news for really only two reasons:
- It is cross platform, able to attack Windows, Mac & Linux.
- Many of my clients do not update Java regularly.
The exploit runs through a security hole in Java and is further evidence that Apple’s decision to deprecate Java was probably a good one. The Mac version is poorly coded and OS X prompts users to give permissions to the malware – if users deny the access, no harm is done. If granted, the trojan will download files onto your Mac and change DNS (network) settings to use it as a zombie to attack other computers on the Internet. So, if you’re on a Mac, be really sure about to what you grant permission.
Windows users, be sure to update to the latest version of Java (it will give you a popup down in your system tray when an update is available). This is also a reminder to simply keep your computer up-to-date with Microsoft’s latest patches as well as latest versions for utility programs such as Java. And, for the well being of your computer and every other Windows machine out there, make sure your anti-virus software always has the latest updates and virus definitions.
