Apple has issued a second update to Java in just two days this week as the company works to patch vulnerabilities that have led to the infection of over 600,000 Macs. The Java for OS 2012-002 update is now available to download via Software Update, and it’s recommended that you update.
The updates follow this week’s report from the Russian antivirus company Dr. Web, which claimed over 600,000 Macs had now been affected by a Flashback trojan that exploits a vulnerability in older versions of Java. Apple’s first update had already fixed multiple vulnerabilities, the most concerning of which could “allow an untrusted Java applet to execute arbitrary code outside the Java sandbox.”
However, the company obviously discovered other issues, and a second update, which brings “improved compatibility, security, and reliability,” is now available to download.
If you suspect that your system might be infected, or you’d just like to rule out the possibility, you can check out yesterday’s post for instructions on how to check. There’s also a link to F-Secure’s guide on removing any Flashback malware you may have.
Apple’s next major Mac OS X update, dubbed Mountain Lion, introduces a new feature called “Gatekeeper,” which can prevent the system from installing any software that wasn’t obtained from the Mac App Store. This should prevent malware like the Flashback trojan from infecting your system.