Sophos: New drive-by attack threatens Mac users

A new drive-by attack exploiting a vulnerability in Java threatens users of computers running Apple Inc.'s Mac OS X, a computer security firm warned Tuesday night. The Mac malware exploits an unpatched drive-by Java vulnerability that leaves Apple users "dangerously exposed" to attack, Sophos said. "Once again, you're left to ponder whether having Java installed on your computer is really worth it. Having Java on your PC or Mac may help you run some archaic applications, but it can also dramatically widen the attack surface which hackers can exploit," it said in a blog post. But users of the latest version of Mac OS X (Lion) can breathe relatively easy as Lion does not include Java by default, "meaning users are not at risk *unless* they have subsequently installed the software," it added. Ironically, Sophos pointed out users of computers running Microsoft's Windows – which had been derided for being prone to malware – are already protected against this Java vulnerability. Sophos said the new Mac malware exploits a Java vulnerability (known as CVE-2012-0507), that Apple users are still not patched against. It said its security products identify the components of the Mac malware attack as Exp/20120507-A, Troj/JavaDl-JI, OSX/Dloadr-DMU and OSX/Flshplyr-B. "(Our) advice is that if you have no real need for Java, remove it," Sophos urged Mac users. — LBG, GMA News