Security firm Intego on Monday announced that it had discovered a new variant of the Flashback malware called Flashback.S that continues to use a Java vulnerability Apple has already patched . This variant requires no password to install, and it places its files into the user’s home folder in “~/Library/LaunchAgents/com. java.update.plist” and “~/.jupdate.” Once Fashback.S is installed, it will then delete all files and folders in “~/Library/Caches/Java/cache” in order to delete the applet from the infected Mac, and avoid detection

We're not quite done with Flashback yet. The good news is that the number of Macs affected by the trojan has gone down greatly , but the bad news is that there's a new variant of it out in the public. It's called Flashback.S , and just like the original, it can worm its way into a Mac's home folder without the admin password

The security risks of having a Java virtual machine/runtime environment on your Mac have been highlighted over the past two weeks, as the Flashback trojan spread widely by taking advantage of a vulnerability that Oracle had patched months ago -- but that Apple had not.

In a tech note published today , Apple discussed the Flashback trojan ( past coverage here ) and reminded users of OS X 10.6 and 10.7 that they should install the April 3 Java update to remove the vulnerability that the malware uses to infect Macs. For users of OS X 10.5 Leopard or earlier, Apple has not updated Java yet to patch the flaw; in that case, Apple's recommendation is to turn off Java in the browser to guard against Flashback. The note also says that "Apple is developing software that will detect and remove the Flashback malware." No ETA on that yet; in the meantime, the company is working with network service providers to disable or block the command and control servers that Flashback checks in with

Earlier this week, Apple released a Java security update, 2012-001, to patch the Flashback vulnerability that a security company claims

Earlier this week, Apple released a Java security update, 2012-001, to patch the Flashback vulnerability that a security company claims

According to Russian antivirus firm Dr. Web , over 600,000 Macs worldwide are infected with the Mac flashback trojan .

According to Russian antivirus firm Dr.

A new variant of the Flashback trojan horse called “Flashback.G” is reportedly out in the wild and able to exploit a pair of vulnerabilities found in an older version of Java run-time, according to a blog post by antivirus maker Intego yesterday. People running Snow Leopard and an older Java run-time are at high risk as the primary spreading method calls for maliciously crafted websites. When visiting such pages, the malware exploits a browser’s security settings and installs itself without any intervention on the user’s part.