Alert: Mac Malware Exploits Java Vulnerabilities and Steals Passwords
(US Eastern Time)
DATE: April 4, 2012
AFFECTED USERS: Mac OS X 10.6 (Snow Leopard) and 10.7 (Lion)
SUMMARY: Carnegie Mellon is detecting an increased number of infected computers related to new malware called "Flashback." Flashback infects MAC OS X computers by exploiting vulnerabilities in Java. FlashBack steals usernames and passwords for online payment, banking and credit card websites without user interaction.
WHAT YOU NEED TO DO:
To protect your Mac computer from infection, please follow the steps below:
- Run the latest Apple security updates for your Mac operating system. Updates are found at: http://support.apple.com/kb/HT1338.
- Install and run Symantec Anti-Virus software from the Computing Services website at: http://www.cmu.edu/computing/software/all/symantec/download.html.
: For more information visit Apple security alert at http://support.apple.com/kb/HT5228
Please direct any questions or comments to the Computing Services Help Center (412-268-HELP or firstname.lastname@example.org
) or to your departmental administrator or DSP consultant.