Apple's iron grip on information and the release of fixes has been a nagging issue for years. In 2008, for example, to patch a .

"Why Apple did not deploy these fixes before Mac users were victimized by criminals is unclear," wrote Chester Wisniewski, a security researcher for UK-based vendor Sophos, in a.

Brian Krebs, of , says that more threats are on the way. "We can expect an evolution of threats against Mac users that will largely mirror those that Windows users face: that is, via the exploitation of vulnerable browser plug-ins, such as Adobe Reader, Flash, and most definitely Java."

Apple's Flashback fix, deployed Thursday, mitigates Java flaws. "As a security hardening measure, the Java browser plug-in and Java Web Start are deactivated if they are unused for 35 days," .