> >unclear is whether the Java exploit being used is present in older
> >versions of Java or not. If they are, then targeting PPC macs is
> >relatively simple for the bad guys. If not then PPC macs are ok.
>
> The vulnerability *IS* present in older versions of Java.
>
> http://tenfourfox.blogspot.com/2012/04/poisoned-coffee.html
>
> By not releasing Java updates for Leopard and older, Apple has
> screwed both ppc and x86 users.

And, as the author of that blog post, let me prove it. The CVE in question is
2012-0507, and Oracle themselves say the vulnerability is in 5.0u33 and before:
http://www.oracle.com/technetwork/topics/security/javacpufeb2012verbose-366319.html

J2SE 5.0 is equivalent to JVM 1.5. So the vulnerability exists in 10.4 and
10.5 PPC (Java 6 is only available on 10.5 to 64-bit Intel, and even then
the version offered is still not up to date with 10.6 or 10.7.)

The Flashback trojan uses an exploit to break through the sandbox and execute
Java-based malware with privileges, so the *exploit will work on PPC* because
it is Java that is executing with privileges, *not* native machine code. What
is not clear is what happens next. If the binary that is loaded is x86, then
the attack fails, and this seems to be the case. However, if the attackers
got wise and built it Universal (and worse still linked it to the 10.4 SDK),
then watch out.
--
------------------------------------ personal: http://www.cameronkaiser.com/ --
Cameron Kaiser * Floodgap Systems * www.floodgap.com * [email protected]
-- FORTUNE: The moon is in Venus' house. This will make no difference. --------
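
An added triage example, not part of the original post: the open question above is whether a dropped native binary is x86-only or Universal, and that can be read straight from the Mach-O header. The function names and sample byte strings are constructed for illustration; the CPU type and magic constants are the ones in Apple's `<mach/machine.h>` and `<mach-o/fat.h>`, and the "45 or more means Java class file" cutoff is a heuristic assumption.

```python
import struct

CPU_ARCH_ABI64 = 0x01000000                      # 64-bit flag on cputype
CPU_TYPES = {7: "i386", 7 | CPU_ARCH_ABI64: "x86_64",
             18: "ppc", 18 | CPU_ARCH_ABI64: "ppc64"}
FAT_MAGIC = 0xCAFEBABE                           # also the Java class magic
THIN_MAGICS = {0xFEEDFACE: ">", 0xFEEDFACF: ">",  # big-endian thin Mach-O
               0xCEFAEDFE: "<", 0xCFFAEDFE: "<"}  # little-endian thin Mach-O

def cpu_name(cputype):
    return CPU_TYPES.get(cputype, "cputype_0x%x" % cputype)

def macho_archs(data):
    """Return the architectures in a Mach-O image, or [] if it is not one."""
    if len(data) < 8:
        return []
    magic, second = struct.unpack(">II", data[:8])
    if magic in THIN_MAGICS:
        # Thin binary: cputype follows the magic in the file's own byte order.
        (cputype,) = struct.unpack(THIN_MAGICS[magic] + "I", data[4:8])
        return [cpu_name(cputype)]
    if magic != FAT_MAGIC:
        return []
    # A Java class file shares the magic; its next four bytes are the
    # minor/major version, and major versions start at 45 (heuristic).
    if second >= 45 or len(data) < 8 + 20 * second:
        return []
    # Fat header is always big-endian: nfat_arch entries of 5 uint32 each.
    return [cpu_name(struct.unpack(">I", data[8 + 20 * i:12 + 20 * i])[0])
            for i in range(second)]

def runs_on_ppc(data):
    """True if the image carries a slice a G3/G4/G5 could execute."""
    return any(arch.startswith("ppc") for arch in macho_archs(data))

# Constructed sample headers (not real malware samples).
THIN_X86 = struct.pack("<II", 0xFEEDFACE, 7) + b"\x00" * 20
UNIVERSAL = (struct.pack(">II", FAT_MAGIC, 2)
             + struct.pack(">5I", 7, 3, 4096, 100, 12)
             + struct.pack(">5I", 18, 0, 8192, 100, 12))
JAVA5_CLASS = bytes.fromhex("cafebabe00000031") + b"\x00" * 16

if __name__ == "__main__":
    for label, blob in [("thin x86", THIN_X86), ("universal", UNIVERSAL),
                        ("class file", JAVA5_CLASS)]:
        print(label, macho_archs(blob), "PPC-capable:", runs_on_ppc(blob))
```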