Were you unable to attend Transform 2022? Check out all of the summit sessions in our on-demand library now! Watch here.
Apple’s not invulnerable, after all.
A small number of Apple employees’ computers were hacked recently by the same crew that attacked Facebook, and which Facebook claimed it traced back to China. In that case, Facebook said, its employees’ machines were fully patched and up-to-date, and entry was gained via a previously unknown zero-day attack in the Java browser plugin.
In a statement released to AllThingsD, Apple said there was no evidence the attack succeeded in getting any corporate data:
Apple has identified malware which infected a limited number of Mac systems through a vulnerability in the Java plug-in for browsers. The malware was employed in an attack against Apple and other companies, and was spread through a website for software developers. We identified a small number of systems within Apple that were infected and isolated them from our network. There is no evidence that any data left Apple. We are working closely with law enforcement to find the source of the malware.
Java is notoriously a source of security problems, and Apple says it will release a software tool later today to patch the problem. Oracle had provided a patch on February 1, 2013, according to Facebook, but Apple is not known for being quick to release new updates. That update is not yet available, at least according to my MacBook Air’s software update mechanism.
MetaBeat will bring together thought leaders to give guidance on how metaverse technology will transform the way all industries communicate and do business on October 4 in San Francisco, CA.
Worth noting: Apple has not shipped Java since Mac OS X Lion — which launched in July of 2011 — and also disables Java if it has not been used in 35 days.
Apple says it is assisting authorities in tracking down the hackers.
VentureBeat's mission is to be a digital town square for technical decision-makers to gain knowledge about transformative enterprise technology and transact. Learn more about membership.