Mac malware exploits unpatched drive-by Java vulnerability

Mac and JavaMalware striking Mac computers is making the headlines again, this time exploiting a drive-by vulnerability in Java that has left Apple users dangerously exposed to attack.

The new Mac malware exploits a Java vulnerability (known as CVE-2012-0507), that Apple users are still not patched against.

Apple users won’t feel any consolation at all in the knowledge that their Windows cousins have been protected against the flaw since February.

Sophos security products identify the various components of the Mac malware attack as Exp/20120507-A, Troj/JavaDl-JI, OSX/Dloadr-DMU and OSX/Flshplyr-B – intercepting the threat before it can compromise Mac owners’ computers.

Sign up to our free newsletter.
Security news, advice, and tips.

Once again, you’re left to ponder whether having Java installed on your computer is really worth it. Having Java on your PC or Mac may help you run some archaic applications, but it can also dramatically widen the attack surface which hackers can exploit.

My advice is that if you have no real need for Java, remove it.

The latest version of Mac OS X (known as Lion), unlike earlier editions, does not include Java by default, meaning users are not at risk *unless* they have subsequently installed the software.

If you’re not already doing so, run anti-virus software on your Macs. If you’re a home user, there really is no excuse at all as we offer a free anti-virus for Mac consumers.

Update: Apple has now issued a patch which fixes the Java vulnerability for Snow Leopard and Lion users. Mac users who have Java installed are strongly recommended to install it.


Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.