Apple yesterday released an update for Mac OS X 10.5 Leopard that removes common variants of the Flashback Trojan.
“While Apple issued patches last month for its Lion and Snow Leopard products, yesterday’s Flashback Removal Security Update identifies and removes common variants of the malware on the five-year old Leopard OS,” writes Threatpost’s Christopher Brook.
“After installing the Flashback Removal Security Update, the removal tool will run automatically in the background and if the Flashback malware is found, you’ll be notified via a dialog that it has been removed,” writes TidBITS’ Agen G. N. Schmitz. “In some instances, however, you may need to restart your computer to remove the malware completely.”
“The 1.23MB update will also disable the Java plug-in for Safari, so users will have to reinstall it,” writes PCMag.com’s Chloe Albanesius.
“Meanwhile Leopard Security Update 2012-003 disables older versions of Adobe Flash Player, encouraging users to get the latest version directly from Adobe’s website,” writes The Register’s John Leyden. “Both updates can be applied via the Software Update feature built into Mac OS X, but will only ‘take’ if the latest version of that particular track of the operating system, Mac OS X Leopard version 10.5.8, has already been applied.”
“It’s encouraging to see Apple has not left users of this older version of the Mac OS X operating system completely out in the cold when it comes to protecting against the latest threats,” writes Sophos’ Graham Cluley. “Clearly they realise that it’s not good for the Apple Mac’s image if older computers connected to the Internet are harbouring malware that could cause problems for others in the Mac community.”
Still, Cluley notes, users of Mac OS X 10.4 Tiger aren’t protected by these updates, and there’s no indication that Apple has any plans to release patches for those users.