Apple Issues New Security Update for Mac OS X 10.5 Leopard
Apple released a new software update on Monday, May 14, designed to protect users of its two-year-old Mac OS X 10.5 Leopard operating system against security threats by the infamous Flashback Trojan. Users of the newer Snow Leopard (10.6) and Lion (10.7) operating systems received security patches last month.
The security updates follow the Flashback Trojan attack, which infected up to half a million Macs, according to security experts. Apple has faced increasing criticism for taking too long to respond to the malware threats.
The Flashback malware exploited a vulnerability in the Java software used in Windows machines, as well as Apple computers and many others. Apple, however, left the loophole in its version of Java unpatched for several weeks after it became aware of the vulnerability. Therefore Macs were the biggest victims.
"The update removes the most common variants of the Flashback malware," said Apple of its latest patch. "If the Flashback malware is found, a dialog will notify you that malware was removed. In some cases, the update may need to restart your computer in order to completely remove the Flashback malware."
Apple's Leopard Flashback Removal Security Update aims to clean up Macs running the older OS and which are not yet using an antivirus package. Moreover, the security update also disables Safari's Java plugin by default. The Leopard Security Update 2012-003, meanwhile, disables older versions of Adobe Flash Player that do not include the latest security updates, urging users to get the latest version directly from Adobe's Web site.
"This additional level of protection when it comes to Safari users running Flash is good to see - as Adobe's software is so frequently exploited by malware authors and malicious hackers to infect web surfers," Sophos senior consultant Graham Cluley wrote in a blog post. The new software updates prove that Apple is working to cover all bases. "It's encouraging to see Apple has not left users of this older version of the Mac OS X operating system completely out in the cold when it comes to protecting against the latest threats," added Cluley. "Clearly they realise that it's not good for the Apple Mac's image if older computers connected to the internet are harbouring malware." On the other hand, the security expert did concur that there may still be more to be done in this regards.
"Of course, there are still users of Mac OS X 10.4 Tiger out there - they don't have the benefit of these security updates and are effectively playing a dangerous game with their systems as the malware threat on the Mac platform increases."
Users of Mac OS X 10.5 Leopard can install the security updates via Software update or download them from Apple's Support Downloads page.
(Alexandra Burlacu, edited by Dave Clark)