The recent Flashback trojan affecting over 600,000 Macs has certainly been in the news a lot lately, with Apple quickly working to release a Java update (and then a second Java update days later) to patch the issue. For those running versions of OS X earlier than Snow Leopard, however, there isn’t a Java update available yet.
The Loop reports that Apple published a note yesterday evening, in which they addressed the Flashback trojan and revealed that they are developing a tool to detect and remove the malware. In addition, Apple is also working with ISPs to disable the command and control servers that Flashback uses to function.
In addition to the Java vulnerability, the Flashback malware relies on computer servers hosted by the malware authors to perform many of its critical functions. Apple is working with ISPs worldwide to disable this command and control network.
Apple did not provide a release date for the tool, but it will likely be available in the coming days through Apple’s support website, or through Software Update on OS X. Users of OS X 10.5 and earlier are advised to disable Java until the tool is released.