> The Flashback trojan uses an exploit to break through the sandbox and execute > Java-based malware with privileges, so the *exploit will work on PPC* because > it is Java that is executing with privileges, *not* native machine code. What > is not clear is what happens next. If the binary that is loaded is x86, then > the attack fails, and this seems to be the case. However, if the attackers > got wise and built it Universal (and worse still linked it to the 10.4 SDK), > then watch out.
By "the binary" I mean "the binary loaded by the Java malware bootstrap." See http://www.h-online.com/security/news/item/Critical-Java-hole-being-exploited-on-a-large-scale-Update-1485681.html http://blogs.technet.com/b/mmpc/archive/2012/03/20/an-interesting-case-of-jre-sandbox-breach-cve-2012-0507.aspx The same exploit is used in both the Windows and Mac versions; the binary which they load is different. -- ------------------------------------ personal: http://www.cameronkaiser.com/ -- Cameron Kaiser * Floodgap Systems * www.floodgap.com * ckai...@floodgap.com -- I can't walk a mile in their shoes. They smell funny. ---------------------- -- You received this message because you are a member of G-Group, a group for those using G3, G4, and G5 desktop Macs - with a particular focus on Power Macs. The list FAQ is at http://lowendmac.com/lists/g-list.shtml and our netiquette guide is at http://www.lowendmac.com/lists/netiquette.shtml To post to this group, send email to g3-5-list@googlegroups.com For more options, visit this group at http://groups.google.com/group/g3-5-list