Information Technology Services
Information Technology Services

ITS Notification Item

Title:Mac OS X Flashback malware
Description:Flashback is malware that can infect Mac OS X computers by exploiting a vulnerability in Java. A significant number of computers on the campus
network show indications they have been infected.

All versions of Mac OS X are vulnerable to Flashback, including Mac OS X 10.7 (Lion), Mac OS X 10.6 (Snow Leopard), Mac OS X 10.5 (Leopard), and earlier versions. Apple has provided a software update for Mac OS X 10.7 (Lion) and Mac OS X 10.6 (Snow Leopard) that will scan your computer and remove Flashback if it is infected. The update will also patch the security vulnerability in Java to protect your computer so it does not get infected (or reinfected). Mac OS X software update information is available at:

If you are running Mac OS X 10.5 (Leopard) or earlier, no software update is available to resolve this issue. If you are using Leopard on an Intel Macintosh that supports OS X 10.7 (Lion), IT Services recommends upgrading to OS X 10.7 (Lion). Lion Requirements can be found at:
and upgrades can be purchased via Apple Store at:

If you cannot upgrade, ITServices recommends running Symantec End Point (SEP) on Mac OS X 10.5 (Leopard). A full system scan should detect and offer to remove Flashback if your computer is infected. Apple also recommends disabling Java in your web browser on Mac OS X 10.5 (Leopard) and earlier. Disabling Java will prevent your computer from being infected by Flashback.

Symantec End Point (SEP) is available to Queen's faculty, staff, and students from the Macintosh Software Manager download page at:

Symantec also has a "Norton Flashback Detection and Removal Tool, freely available for download at:

For more information, refer to the following articles on

About Flashback malware:
About Java Update for Mac OS X 10.6 (Snow Leopard):
About Java Update for Mac OS X 10.7 (Lion):
About the security content of Java for OS X 2012-003 and Java for Mac OS X 10.6 Update 8:
About the security content of Flashback malware removal tool:

If you have questions about this update, please contact the IT Support Centre (ITSC) by filling out the online help form at:
or calling 613 533 6666 during regular business hours.
Publish Date:May 7, 2012, 9:05 am
Contact:IT Support Centre