Dubbed one of the worst malware infections to hit Mac OS in decades, the Flashback trojan has been causing great concern amongst Mac owners, as well as providing ammunition to those who are sick of hearing about the operating system’s supposedly steely resistance to attack.
Since its rise to infamy over the past few weeks, third-party security firms, such as Kaspersky Labs, have released detection and removal tools for Flashback, and while Apple did patch the Java vulnerability exploited by the trojan, it has taken a while longer for the official removal tool to appear.
This has now been released bundled inside another security update for Java, and in addition to removing “the most common variants of the Flashback malware,” also stops Java applets from starting automatically.
Users can override this setting, but Apple is leaving little to chance, as the software will disable it again if it detects no applets have run for an “extended period of time.” The update is recommended for all Mac OS X Lion and 10.6 Snow Leopard users with Java installed on their machines.
CNet notes the tool’s similarity to the one used to deal with MacDefender, an unpleasant piece of malware which made the rounds in May last year, and attempted to con credit card details from unsuspecting users.
Initially, figures provided by Russian antivirus company Dr. Web estimated 600,000 Macs worldwide were infected with Flashback, with nearly half that number in the US alone.
Symantec has since followed this up with its own research, and the good news is the number of infections is falling rather than rising. It estimates that five days after Dr. Web’s figures were published on 5 April, the number had fallen to 380,000 and then to less than 270,000 the day after. The United States remains top of the list though, with 47.3-percent of the Flashback installations.
Mac owners can check Software Update for the Flashback fix and removal tool right now, or download it directly from Apple’s support page.