Office 2004 and Flashback Malware

We started seeing reports recently that Office 2004 failed to open. For some users, it was a result of being infected by the Flashback Malware that exploited a vulnerability in unpatched security holes in Java. Apple released a Java update April 3 that will block future attempts but it will not remove the infection from your computer. Update your computer now! Download directly from Apple Downloads or run Software Update under the Apple in the Menu bar. [Added Apr 6,2012 - Apple issued a second update, Java for OS 2012-002. Be sure you are fully updated in Software Update]

How to find if you are infected?

This line from a crash log for Office 2004 Word is an indication of infection. Microsoft Office does not install any files in the Shared folder.

Microsoft.Word[6483]     dyld: could not load inserted library: /User/Shared/.libgmalloc.dylib

You can use the Terminal to find out if you are infected or download and run this app provided by Marc Zeeder.

Test4Flashback http://rsdeveloper.com/downloads/test4flashback.zip

Excellent instructions have been provided here on how to check and remove the flashback malware.

http://www.f-secure.com/v-descs/trojan-downloader_osx_flashback_i.shtml

Be very careful since this could cause data loss. Back up your data first! Questions on safely removing the malware should be asked on Apple Discussions. See page 9 on this discussion “Rosetta” applications suddenly stopped working for recommendations to safely remove.

This CNET article has a good summary and worth checking out. How to remove the Flashback malware from OS X

Stop Future Attacks

I recommend that you disable Java because of recurring security issues, the Java web plugin must be considered unsafe to use.

Launch Safari and select Safari > Preferences > Security from the menu bar. Uncheck the box labeled Enable Java. (Note: It’s OK to leave JavaScript selected. Despite the similar names it’s unrelated to Java.)

How to check for and disable Java in OS X

Protect Yourself from the Mac OS X Java Vulnerability

Upgrade Microsoft Office

If you are still running Office X or Office 2004, I suggest you upgrade. Both Office X and Office 2004  no longer receive security updates leaving you vulnerable to future security risks. Right now Office 2008 is very reasonable.Office 2008 does run under Lion. These are the cheapest prices I’ve seen for Microsoft Office 2008.

Microsoft Office 2008 for Mac Home & Student Edition (does not contain Exchange support) $43.07

Microsoft Office for Mac 2008 Business Edition (includes Exchange support) (1 install) $79.99

 

 

Share this:
  • Twitter
  • Facebook
  • del.icio.us
  • Digg
  • StumbleUpon
  • Google Bookmarks
  • PDF
  • Print

Comments are closed.