Malware + Security & Privacy + Security News

Apple Issues Second Java Update to Patch Vulnerability Exploited by Flashback Malware

Posted on by

Apple has issued a second Java update to patch a vulnerability that has been exploited by the Flashback malware, which has infected more that a half-million Macs. Java for OS X 2012-002 seems to be the same as the first update, and the support document for this update gives no information (and is, in fact, incorrect, as it names the update Java for OS X Lion 2012-001, whereas Software Update displays it as Java for OS X 2012-002.

It is possible that Apple discovered a minor glitch in the first update, necessitating a new release. It seems that this update is only available for Lion, whereas the first update was for both Snow Leopard and Lion.

In any case, it is essential that all Mac users apply this update. The Flashback malware has been very active in the wild, and can install with no user interaction, if Java is not patched.