Apple Releases Flashback Removal Tool and Updates to OS X

Last Updated: 01/10/2018

Security Notice Level

SEVERE

Apple has released a Flashback Removal Tool as an update to OS X Lion (10.7) and updates for Java on Mac OS X 10.6 that include a Flashback Removal Tool. These updates address vulnerabilities that could allow malicious users to execute arbitrary code, steal highly confidential data and take control of affected computers.

The IT Security Office advises applying the updates as soon as possible. These updates may require a restart; please plan accordingly.

If you have any questions, please contact the IT Service Center at 303-735-4357 (or 5-HELP from an on-campus phone) or help@colorado.edu. Phone help is available Monday through Friday from 8 a.m. to 7 p.m.

Network Connect Known Issue Related to Java Update

This Java update disables the Java applet plug-in by default in Java Preferences. As you may know, the campus’s Network Connect VPN requires that the Java applet plug-in be enabled in order to connect. Learn more about this issue and how to enable the Java applet plug-in.
 

Affected Software

  • Available for: OS X v10.7 or later without Java installed
  • Mac OS X v10.6.8
  • Mac OS X Server v10.6.8
  • OS X Lion v10.7.3
  • OS X Lion Server v10.7.3.

Additional Information

Security Bulletin Names:

HT5247: Java for OS X 2012-003 and Java for Mac OS X 10.6 Update 8 
Released: April 12, 2012

HT5254: Flashback malware removal tool 
Released: April 14, 2012