Apple quietly released Java patches for OS X on Tuesday after users were left vulnerable to Flashback malware that had security experts so worried they recommended ditching Java.
Flashback uses a vulnerability in Java to infect computers, but although this vulnerability was known and patched for Windows users in February, Apple has only now released an update for OS X 10.6 and 10.7. While Java is owned by Oracle, which issued the earlier Windows patch, Apple has taken it upon itself to first vet any updates before they are rolled out to Macs, introducing significant delays between when a vulnerability is patched by Oracle and when that same patch is available to OS X users.
The malware authors turned their attention to Macs in early March, with Intego discovering that Mac users visiting certain infected websites were automatically infected. Intego also claims that Flashback was created by the same authors of the Mac Defender Trojan.
For more on this ZDNet UK-selected story, see Apple patches potential malware 'outbreak' on ZDNet Australia.
Get the latest technology news and analysis, blogs and reviews delivered directly to your inbox with ZDNet UK's newsletters.