|
|
Although Flashback.K exploits a now-patched vulnerability in Java to get into systems, other variants use different mechanisms. The earlier versions of the malware posed as installers or updaters for Adobe's Flash, and they are the real targets of Apple's new tool.
The user is notified if the Flashback malware removal tool for Lion finds and removes Flashback, but there is no indication if it is not found. That could be because it does not purport to remove all versions of Flashback - only the most common ones - and given the readiness of some parts of its customer base to seek legal redress for any shortcomings, Apple may have felt it was better for the tool to remain silent in such circumstances rather than making a positive statement that the malware wasn't found.
Apple recommends the Flashback malware removal tool for all systems running Lion. There was no real need for a Snow Leopard version, as that version of Mac OS X had Java installed by default (whereas it is an on-demand installation under Lion), and the latest Java update for Snow Leopard includes the removal tool.
There would be little point running the tool without updating Java to help avoid reinfection. However, the tool incorporated into the Java update removes itself after running automatically, so it can't be used for ongoing checks.
Presumably the feeling was that anyone sufficiently motivated to run the tool at intervals would be better served by one of the free or paid security products available from various developers.
