Web Page Expert
Posts: 6,249
Registered: ‎11-14-2006

Mac malware involving Java

[ Edited ]

Since I am one of the people who doesn't run special software to protect my Mac from infections, I note that we just ran Software Update to patch a vulnerability in Java.


This update won't be available if you do not have Java installed. You also wouldn't be exposed to this malware in that case.


Yes, there is a specific problem. Yes, Apple took a while to fix it.


Edit to add links now that I'm on my desktop rather than on my iPad:


See Apple knowledge base:


Ars Technica has more details:

Web Page Expert
Posts: 6,249
Registered: ‎11-14-2006

Re: Mac malware involving Java

It's my understanding that there is a followup update to Java as well. 

Run Software Update  (Apple menu > Software Update) to update Java. 


Read this article that shows how you can tell if you are infected by reading default values from the Terminal. That's a read-only detection using the command-line terminal you already have on your computer:

Networking Expert
Posts: 3,567
Registered: ‎07-04-2003

Re: Mac malware involving Java

Note: The second update is only for Lion and not for Snow Leopard.


Mac Expert
Posts: 5,829
Registered: ‎12-01-2003

Re: Mac malware involving Java

It should be noted that there is yet another update for Java available from Software Update. This one disables the java browser plugin by default; also, if you manually re-enable it and go a while without using it, the plugin will again be automatically disabled. This behavior is probably Safari-specific.