最新的OSX(OS X Lion 2012-002的Java)Java更新到1.6.0_31也是闪回恶意软件的错误修复？

该更新在here中描述为：

Multiple vulnerabilities exist in Java 1.6.0_29, the most serious of
which may allow an untrusted Java applet to execute arbitrary code
outside the Java sandbox. Visiting a web page containing a maliciously
crafted untrusted Java applet may lead to arbitrary code execution
with the privileges of the current user. These issues are addressed by
updating to Java version 1.6.0_31. Further information is available
via the Java website at
07001

解决方法:

它修复了Flashback用于安装自身的漏洞; this Gizmodo article提供了更多信息来检查：

1. Run the following command in Terminal:

defaults read /Applications/Safari.app/Contents/Info LSEnvironment

2. Take note of the value, DYLD_INSERT_LIBRARIES
3. Proceed to step 8 if you got the following error message:

"The domain/default pair of (/Applications/Safari.app/Contents/Info, LSEnvironment) does not exist"

如果你没有收到错误信息,那么,time to head to F-Secure for your fix.如果到目前为止你是干净的,你可以继续第八步：

8. Run the following command in Terminal:

defaults read ~/.MacOSX/environment DYLD_INSERT_LIBRARIES

9. Take note of the result. Your system is already clean of this variant if you got an error message similar to the following:

"The domain/default pair of (/Users/joe/.MacOSX/environment, DYLD_INSERT_LIBRARIES) does not exist"

如果您没有启用任何防病毒保护,您可能需要查看优秀(和免费)Sophos Home Edition