Originally Posted By: Pendragon
Re the latest Java Trojan: I'm a bit surprised that some enterprising chap or chapette has not yet created a (free) app/script or whatever that ascertains if one is infected, and if so, removes the offending code.

Those who cannot update Java with the latest patched versions because they are running Mac OS X versions earlier than Snow Leopard can do the following before browsing the Web:

- disable Java in your browser (e.g., Safari>Prefs>Security>Enable Java; Firefox, Chrome)
- disable Java on your Mac (use Java Preferences in Utilities to uncheck the boxes in the first column). Caveat: this may make Firefox 11.0 quit incorrectly (see Raj Gurdwara's comment).

Note that you can temporarily re-enable Java on known sites, or for known apps whenever you need it.

Testing for the presence of and removing Trojan-Downloader:OSX/Flashback.I* can be done with Terminal, following the instructions provided by F-Secure. That said, I don't know if these instructions are valid for all current Flashback variants out there (but see below).

*) PS, the (similar) detection/removal instructions for the more recent Downloader:OSX/Flashback.K variant are found HERE. This is the variant that doesn't require an admin password to install. For other variants, see this list.

PS2, the following list with definitions of threat categories may come in handy for those of us who are losing track of the mushrooming details.

Last edited by alternaut; 04/05/12 08:23 PM. Reason: updated info & links

alternaut moderator