Friday, May 11, 2012

7 Ways to Avoid the New OS X Trojans

This is a guest post by Eric Greenwood.
Image credit: Redmond Pie

Historically, Windows computers have been much more susceptible to security concerns than OS X-based computers. The fact of the matter is that, for a number of reasons, hackers and virus creators have focused on exploits in the various Windows operating systems. In the past few months, however, a number of Trojans have appeared in the wild that are affecting OS X machines. The Flashback Trojan is estimated to have infected more than 600,000 computers worldwide, with more than half of those located in the United States. Particularly troubling about the Flashback Trojan and some that have come after it is the fact that it disables the built-in malware protection on your Mac. While you can’t shield your computer against every possible security risk, there are some steps you can take on your Mac to avoid these recent OS X Trojans:

  1. Disable Java, system-wide. The Flashback Trojan as well as other Trojans have entered Mac systems via Java security holes. While Apple has patched those Java security holes, the risk exists for further exploits. Many users don’t need java on a regular basis, at least not on the Mac itself. There may be some reasons to leave Java enabled in Safari, but understand that doing so is the most likely entry point for Trojans.
  2. Update OS X and keep it updated. Regularly installing available updates for OS X will help make sure that any patches that Apple has released will be applied to your computer.
  3. Keep your apps updated, too. You can manually update most of your apps, and many are available for update by the App store, as well.
  4. Consider shutting down Adobe Acrobat Reader. This one will probably hit more folks hard. After all, you want to be able to view PDFs. What you may not realize, however, is that OS X already includes a PDF viewer. Get rid of Adobe Acrobat Reader, as well as the Acrobat browser plugin.
  5. Disable Adobe Flash. Adobe Flash has been used as an exploit in the past. Not only that, it seems to be particularly prone to crashing. If you regularly use Flash – such as for certain web-based games – you can instead install a Flash bloc plugin. What this does is require you to grant permission to the given Flash app before it tries to run, allowing you to make sure that only trusted Flash implementations are being run on your computer.
  6. Install an Antivirus package. This one may or may not truly be necessary. In fact, it’s probably a bit of overkill. Still, if you’d rather be safe than sorry, you can install an Antivirus package. Sophos is a free antivirus package for Mac, but there are others out there as well.
  7. Keep current with the latest security news. Consider signing up for a Mac security newsletter, or following a security site in your reader. Knowing what’s out there in the wild is your first step in protecting against it.
About the Author
Eric Greenwood is a technophile whose interests have lead him to study all things related to the cloud computing movement from online storage to software as a service. Get more tips and advice on his Cloud Storage blog!