Apple last week patched all Macs that were potentially affected by the Flashback drive-by malware.
I’m sure Jason D. O’Grady is happy about that.
How did they do it?
They saw what was happening, they tought about how to best fix it, they implemented two Java updates to fix the underlying vulnerability, rolled them out, and then they issued a third patch that actually removes the malware, and does a few other cool things, like disabeling Java for all users unless it’s been used in the last 35 days. Boom!
Once the patch disables Java, a user has to manually enable it if he needs Java applets to run on his Mac. Most people don’t. This is a totally new approach to a problem like this: Apple is proactively countering the threat. Well played!
This is exciting and to my knowledge nobody has done something like this before. It makes total sense to me: We have been telling users to disable or uninstall Java if they do not need it, but we know very well that only very security conscious users will do so.
See Jason? That’s how Apple rolls.