Analyst: Java 1.7 zero-day less likely to affect Mac users due to lack of current installed base on platform

Posted by:
Date: Wednesday, August 29th, 2012, 07:53
Category: News, security

Yesterday, we posted about a new Java vulnerability that could open the gates for additional malware on the Mac.

Today, there’s some better news regarding this.

Per The Unofficial Apple Weblog, online backup service CrashPlan co-founder Matthew Dornquist had the following to offer about the new Java vulnerability and what it could mean for the Mac.

In a recent study of a random sample of 200K recent users, Dornquist’s numbers showed that the overwhelming majority of CrashPlan’s Mac users are on Java 1.6 (92%) and a small minority on the older 1.5 version. The percentage on the 1.7 version targeted by the malware? Approximately zero.

Research shop FireEye identified a Java zero-day exploit this weekend that is already targeting fully patched versions of the Java JRE version 1.7 running on Windows machines. The exploit attempts to install a dropper executable (Dropper.MsPMs) on the machines it attacks. In theory, a separate dropper could be crafted to attack Mac or Linux systems, although none has yet been observed in the wild.

That’s a reason for Mac users to rest a little more easily, but it’s not the big one. As noted by CNET, the vulnerable edition of the JRE — 1.7 — isn’t installed by default in a stock configuration of OS X. The Java that Apple delivers on Snow Leopard, Lion and Mountain Lion is JRE 1.6 (and on Lion and Mountain Lion, it’s only installed on demand when needed to run Java applications); in order to be on 1.7 and be theoretically susceptible, you’d have to install the Oracle beta build manually.

If you did install the Oracle build and you’re concerned about the new exploit, you can disable the Java plugin in each of your browsers individually, or uninstall 1.7 entirely. While it bears repeating that there is no evidence of a Mac payload for this exploit at this time, if you don’t have a specific reason to run the new version then it’s probably safest to stick with JRE 1.6 instead (or turn off Java completely if you don’t need it). In response to past exploits including Flashback, Apple’s Java web plugin is now set to auto-disable when it isn’t used for some time, further reducing the attack surface for Mac users.

So, yeah, try to avoid manually updating to Java 1.7 on your Mac until this is sorted out. We’ll have additional details as they become available.

Apple to file injunction against certain Samsung smartphones on December 6th

Posted by:
Date: Wednesday, August 29th, 2012, 07:22
Category: Legal, News


Come December 6th, Apple will be looking to take punitive action against Samsung.

Per Reuters, Apple v. Samsung presiding Judge Lucy Koh on Tuesday set the date on which the Court will hear Apple’s request for a permanent sales ban against certain Samsung smartphones.

According to a court order filed on Tuesday, the judge is slated to hear arguments on Dec. 6 regarding Apple’s move for a permanent injunction against eight Samsung handsets identified on Monday.

The order also outlines the deadlines by which both parties must submit their respective replies and oppositions regarding post-judgment filings. In the interest of expediency, Judge Koh has consolidated other post-trial motions for the Dec. 6 hearing. Apple and Samsung were initially scheduled to meet on Sept. 20 to discuss the injunction, but that date is now reserved for the Korean company’s request to dissolve a sales ban against the Galaxy 10.1.

Judge Koh is once again pushing for strict adherence to her mandates regarding post-judgment motions, a position she took during the trial to avoid an onslaught of filings. During the trial, the judge fought to keep the case on track as her “rag tag” team was having trouble keeping up with filings from the two companies’ “legion” of lawyers.

From the order:
“The page limits set forth herein will be strictly enforced. Any argument that is not explicitly articulated within the briefing page limits will be disregarded. Any supporting documentation shall be for corroboration purposes solely and shall not be used as a vehicle for circumventing the Court’s page limits. Any citations to the record must include the relevant testimony or exhibit language. Any single-spaced bullets in an attempt to circumvent the briefing page limits will be disregarded.”

Apple on Friday won a sweeping victory over Samsung as a jury found Samsung in violation of six Apple design and utility patents, assigning damages of nearly US$1.05 billion for the offense.

Stay tuned for additional details as they become available.