Update your OS X Java now

There is a nasty trojan out there. Update your OS X Java now with Software Update (Lion & Leopard)


or disable the Java browser plugin for good (all older variants) with the /Applications/Utilities/Terminal command

sudo rm -rf /Library/Internet Plug-Ins/JavaAppletPlugin.plugin


For admins: Check remotely with ssh or Apple Remote Desktop

for i in Safari Firefox FirefoxAurora SeaMonkey Opera Google Chrome; do if ( defaults read "/Applications/${i}.app/Contents/Info" DYLD_INSERT_LIBRARIES ); then
echo TARKASTA; fi; done

See also https://github.com/hjuutilainen/adminscripts/blob/master/check-for-osx-flashback.K.sh

Installed Java version?

grep -1 VersionString /System/Library/Java/JavaVirtualMachines/1.6.0.jdk/Contents/Info.plist | tail -1 | sed -E 's,^.*>(.*)<.*$,1,'

2012-04-15: After the 2nd update and should be 13.7.2 for Snow Leopard or 14.2.2 for Lion

2012-04-16: The update really is important as new variants using the same vulnerability emerge.