by Graham Cluley on April 27, 2012 | Leave a commentMac and WindowsExperts at SophosLabs have identified a new malware attack that is targeting both Mac and Windows computers, exploiting the infamous Java security vulnerability that allowed the Flashback botnet to commandeer 600,000 Macs.
Internet users who visit compromised webpages may find themselves at risk of infection via a Java exploit that downloads malicious software onto their computer. Patches for the Java vulnerability have been available since February 14th for Windows, Linux and Unix computers and since early April for Mac users.
Nevertheless, there may still be some users who have not yet patched their computers - and are at risk of attack.
The latest malware attack exploits the Java vulnerability to download further malicious code onto the computer (Sophos products detect the attack as Mal/20113544-A and Mal/JavaCmC-A).
cont on link
Latest Java update Java SE 7u4
http://www.oracle.com/technetwork/java/javase/downloads/index-jsp-138363.html#javasejdk