Intego finds new, insidious strain of Mac Flashback Trojan horse | Macworld

via macworld.com

"Intego describes three unique methods that the Trojan horse uses to infect Macs: It attempts to exploit a pair of Java vulnerabilities in sequence, which the company says allows infection with no further user intervention. Failing those two approaches, resorts to social engineering. In that last case, the applet presents a self-signed digital certificate, falsely claiming that the certificate is “signed by Apple Inc”; if you click Continue, the malware installs itself."

This isn't the first time that Apple's Java has had a gaping security hole that was exploitable from a web page. Shame on Apple for not caring enough about Java to make it as solid as the rest of their frameworks. Generally speaking, Macs are good about sandboxing apps from the web. One of my biggest criticisms of Windows has been its poor sandboxing of ActiveX and other crap in their Internet Explorer.