Apple releases Flashback removal tool for OS X 10.5

Numerous reports over the web say that Apple has hired Kaspersky Lab, a Russian computer security firm, to find and fix vulnerabilities in Mac OS X. AComputing report quoted Kaspersky Lab’s CTO, Nikolay Grebennikov, as saying “Mac OS is really vulnerable.”
After Flashback malware hit headlines in early August, a number of security companies released Flashback detection and removal tools that automated the manual steps for removing the malware from OS X systems.

Image for Representative purpose only

Apple followed these with an update of its own, which included its Malware Removal Tool (MRT) package. Unlike other offerings, this tool is built to run once, remove instances of known malware, and then remove itself. This approach is minimalistic, but will allow users to do a one-time check of their system to ensure they are free of the Flashback malware. When this tool was released, Apple initially only made it available to OS X 10.7 and 10.6 users, which left a number of those still using 10.5 Leopard (about 16.4 percent) to rely on third-party tools for managing the malware threat.


This security analysis of Mac OS X was conducted independently of Apple; however, Apple is open to collaborating with us regarding new Mac OS X vulnerabilities and malware that we identify during our analysis. Kaspersky Lab is committed to providing the highest level of security for all of our customers, including Mac OS X, and we will continue to enhance our technologies in order to meet the ever-changing threat landscape. "
Pending further clarification from Apple, the new information simply points to the fact that Apple would of course be willing to collaborate with other security firms as well, as and when vulnerabilities are found.


The recent Flashback malware for Mac OS X quickly made security companies and users alike sit up and take heed that the legendarily secure Apple operating system did have some vulnerabilities, and like every other operating system out there, could not be immune to user error when being tricked into installing malware specifically designed for it. Apart from aFlashback removal tool (MRT), Apple had also integrated a recent Java patch to fully caulk the vulnerability – the security update however, was only made available to Mac OS X 10.6 and 10.7 users.


Apple has now released its Flashback Removal Security Update for Mac OS X 10.5 Leopard, which can be downloaded along with a standard software update, and from the Apple Supportwebsite. The fix also disables Java on Safari – those who need it, can visit their browser security settings, or refer to Apple’s comprehensive guide.


Apple has also released another patch, called the Security Update 2012-003 for Leopard, which will also ensure old versions of Adobe Flash Player are disabled as soon as a new version is available, to help protect the user from vulnerabilities that have been patched in the update.