ooops…More than half a million Apple computers have been infected with the Flashback Trojan…Dr Web also notes that 274 of the infected computers it detected appeared to be located in Cupertino, California - home to Apple’s headquarters.
My favorite part…
"Java’s developer, Oracle, issued a fix to the vulnerability on 14 February, but this did not work on Macintoshes as Apple manages Java updates to its computers.
Apple released its own “security update” on Wednesday - more than eight weeks later.
Did anybody with CAVM run in to this and does know if it alerts or not?
Good for those who really though an Apple wasn’t vulnerable for software issues about to be exploited by malicious code…
There is NO OS/Software that is 100% safe, it’s just a matter of how popular an OS is if it get’s attacked on large scale or not.
I am running CAVM but havent get any alert of any type. Actually, I dont know if I am infected (probably Im not).
If in any case I can help to find out about this threat or to do some tests, I would be happy to do so.
From what I know this has to do with CVE-2012-0507 and files are here;
I believe this is using signatures for Windows.
As far as I know, Comodo signatures for Mac are different?
I suspect it is using the same signature file. same bases.cav from what I know
Current latest Virus Signature Database Version in CAVM is 300.
In Windows is 12007.
That should say something.
Besides that, I read somewhere in this forum that the database in CAVM, includes only signatures that affect Mac OS.