may have infected more than half a million Macs; it could if the victim merely visited a maliciously crafted website.
Apple released an update patching the Java vulnerabilities exploited by Flashback . Thursday's additional Java update goes a step further, removing the most common variants of the Flashback malware.
The update also reconfigures the Java plug-in so that it disables automatic execution of Java applets by default. If you prefer to live dangerously, you can re-enable automatic Java applet execution by running the Java Preferences app ensconced comfortably in your /Application/Utilities folder. After an indeterminate period of your not having run any Java applets, however, your Mac will automatically disable auto-execution again.
Apple unsurprisingly recommends the update to all Mac users who have Java installed. The update is available via Software Update; at this writing, it's not yet appearing on Apple's .