Apple Hack Caused by Java Security Bypass Zero-Day Exploit

Apple employee computers got infected with malwares after they visited a malicious website. This infection was caused by an exploit in Oracle Java web browser plug-in that was discovered a few weeks ago. The exploit is called Java Security Bypass Zero-Day.

Apple released the following statement about the attack:

"Apple has identified malware which infected a limited number of Mac systems through a vulnerability in the Java plug-in for browsers. The malware was employed in an attack against Apple and other companies, and was spread through a website for software developers. We identified a small number of systems within Apple that were infected and isolated them from our network. There is no evidence that any data left Apple. We are working closely with law enforcement to find the source of the malware.
Since OS X Lion, Macs have shipped without Java installed and as a added security measure OS X automatically disables Java if it has been unused for 35 days.to protect Mac users that have installed Java, today we are releasing an updated Java malware removal tool that will check Mac systems and remove this malware if found."

Facebook suffered the same malware attack last week but claimed that user-data was not compromised.

Twitter said they were also attacked and is still investigating to determine if user-data was compromised. It is alleged that these attacks were carried out by a small division of the Chinese army.

Please ensure that you have the recommended version of Java running on your computer by clicking here.

For information about the "Java Security Bypass Zero-day" exploit, click here.

Read more about this story by clicking here.