A bookmark for myself…
Part of Oracle’s new install application for Java is a binary named MacJREInstaller. This application appears to be what installs Java and governs whether or not the Ask.com toolbar gets deployed.
For context, MacJREInstaller appears to be the helper tool referenced when the Java install application prompts for admin privileges.
Based on observation, when running the Java install application, MacJREInstaller appears to run the following tasks:
1. Checks to see if it can contact the internet
2. If it can contact the internet, checks back with Oracle to see what country it’s in. Oracle apparently is selective about which nations it wants to have the Ask.com browser settings and toolbar installed (thanks to a Canadian colleague’s testing, it appears Canada is not one of the nations.)
3. If it determines the Mac in question is in a country where Oracle wants to deploy the Ask.com browser settings and toolbar…
View original post 639 more words
This release updates the Apple-provided system Java SE 6 to version 1.6.0_37 and is for OS X versions 10.7 or later.
This update uninstalls the Apple-provided Java applet plug-in from all web browsers. To use applets on a web page, click on the region labeled “Missing plug-in” to go download the latest version of the Java applet plug-in from Oracle.
This update also removes the Java Preferences application, which is no longer required to configure applet settings.
So run your Software Update.
Since to many of my familiars, friends and even colleagues I’m the “mac guy” everyday I’m getting more and more questions about the Flashback malware, the first in years that have seriously compromised that invulnerability aura that covered us Mac OS X users.
So here’s my state of the art post in this overflow of posts, news, tweets and such on the matter.
First of all don’t panic. There’s nothing to be seriously scared of. Apple has got a solution, that while being late is easy and reliable in solving the issue.
In my opinion it’s necessay to know more on the topic, so here’s two links. The first from Apple, short and concise as all the public statements on security by them. The second is a compendium of Ars Technica on the issue:
Now you probably want to know if you got the “infection” and did not know. This FlashbackChecher tool, after having being downloaded & installed, helps you to this. Eventually it asks you to remove the problem but the developer invites you to do so with Apple tools.
And here we come to the easiest solution out there. With three security updates in less than a week Apple has proposed to it’s user both a patch and a remover of this malware for their users’ computers. All we have to do is to start the Software Update tool and apply every one of them.
Mac OS X 10.5 users are now being leaved on their own on this, since Leopard is no more supported. Apple suggests to disable Java on Safari (and you can find how to do that in the Apple’s link provided above) and I think that FlashbackChecker can help you too. You’re welcome to leave me a note in comments if you have other solutions for Leopard.